EUVD-2024-17330

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Plugin vulnerable to Stored Cross-Site Scripting due to poor sanitization in versions up to 1.26

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-1586	8 Mar 202414:21	–	circl
CNNVD	WordPress Plugin Schema & Structured Data for WP & AMP Security Vulnerability	29 Feb 202400:00	–	cnnvd
CVE	CVE-2024-1586	20 Feb 202418:56	–	cve
Cvelist	CVE-2024-1586 Schema & Structured Data for WP & AMP <= 1.26 - Authenticated (Custom) Stored Cross-Site Scripting	20 Feb 202418:56	–	cvelist
NVD	CVE-2024-1586	29 Feb 202401:43	–	nvd
Patchstack	WordPress Schema & Structured Data for WP & AMP Plugin <= 1.26 is vulnerable to Cross Site Scripting (XSS)	20 Feb 202400:00	–	patchstack
Prion	Cross site scripting	29 Feb 202401:43	–	prion
RedhatCVE	CVE-2024-1586	23 May 202508:21	–	redhatcve
Vulnrichment	CVE-2024-1586	20 Feb 202418:56	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (February 19, 2024 to February 25, 2024)	29 Feb 202417:09	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "95210b7f-769f-38ab-8dfc-535c1e28a000",
        "vendor": {
          "name": "Magazine3"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "10973613-bc72-3e80-a562-5e54ddf90032",
        "product": {
          "name": "Schema & Structured Data for WP & AMP"
        },
        "product_version": "* ≤1.26"
      },
      {
        "id": "47490f1a-c955-382b-beff-cf7318b5eba1",
        "product": {
          "name": "Schema & Structured Data for WP & AMP"
        }
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/7e7e6ea7-4e0b-4d8a-9306-45b55d41fbb5
plugins	www.plugins.trac.wordpress.org/changeset

03 Oct 2025 20:07Current

7.2High risk

Vulners AI Score7.2

CVSS 3.15.4 - 6.4

EPSS0.00175

SSVC