Cross-site Scripting Vulnerability in CozyThemes Cozy Blocks for WordPress
CVE-2024-50441
5.4MEDIUM
What is CVE-2024-50441?
The CozyBlocks plugin for WordPress developed by CozyThemes is vulnerable to a Cross-site Scripting (XSS) issue due to improper input neutralization during web page generation. This vulnerability allows for the possibility of stored XSS attacks, which could lead to unauthorized code execution and potential data leakage when a user interacts with a compromised page. Affected versions include Cozy Blocks from n/a through 2.0.15. Website administrators are urged to evaluate their installations and apply necessary updates to mitigate this security risk.