PT-2024-21797 · WordPress · Otter Blocks
Author: Dmitry Ignatyev · Published 2024-04-18 · Updated 2025-05-08
CVE-2024-2729 · CVSS v3.1 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Otter Blocks WordPress plugin versions prior to 2.6.6
Description: The issue arises from the Otter Blocks WordPress plugin not properly escaping its mainHeadings block attribute before appending it to the final rendered block output. This allows users with the Contributor role to conduct Stored XSS attacks.
Recommendations: For versions prior to 2.6.6, update to version 2.6.6 or later to resolve the issue. As a temporary workaround, consider disabling the mainHeadings block until a patch is available. Restrict access to the mainHeadings attribute to minimize the risk of exploitation.

Weakness Enumeration: XSS
Related Identifiers: CVE-2024-2729
Affected Products: Otter Blocks