CVE-2023-36385

Name of the Vulnerable Software and Affected Versions wpxpo PostX – Gutenberg Post Grid Blocks plugin versions <= 2.9.9

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized actions on behalf of the user.

Recommendations For wpxpo PostX – Gutenberg Post Grid Blocks plugin versions <= 2.9.9, update to a version higher than 2.9.9 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.