exploitDog

GHSA-x8c4-4qx3-cf7m

Опубликовано: 28 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting

The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting

Ссылки

EPSS

Процентиль: 30%

0.00112

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2024-10896

CVSS3: 5.4

nvd

около 1 года назад

The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting

EPSS

Процентиль: 30%

0.00112

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-78