From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Attributes for Blocks = 1,000 Active Installs 4. Vulnerability Description: - Describes a stored cross-site scripting (XSS) vulnerability in the Attributes for Blocks plugin, affecting versions up to and including 1.0.6, due to insufficient input and output sanitization. - Attackers can inject malicious scripts, which will execute in the browser when users visit pages containing the injected script. 5. Reference Links: - plugins.trac.wordpress.org - wordpress.org - plugins.trac.wordpress.org 6. Remediation Recommendation: - Upgrade to version 1.0.7 or later, which contains the fix. 7. Vulnerability Rating: - CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N - CVSS Score: 6.4 (Medium) 8. Public Release Date: September 3, 2024 - Last Updated: September 4, 2024 9. Researcher: Francesco Carlucci 10. Copyright and Licensing Information: - © Defiant Inc., 2012–2024 - © MITRE Corporation, 1999–2024 11. Vulnerability Database: - The Wordfence Intelligence WordPress Vulnerability Database is free and accessible via API. 12. Additional Information: - Offers free and paid API access to Wordfence Intelligence, along with free Webhook integration, to stay updated on the latest vulnerabilities. This information helps users understand the vulnerability in detail and how to remediate and prevent such issues.