CVE-2024-5033

🗓️ 13 Jul 2024 06:03:15Reported by [email protected]Type

The SULly WordPress plugin lacks CSRF check, sanitisation, and escaping, allowing admin to add Stored XSS payload

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2024-5033 SULly < 4.3.1 - Admin+ Stored XSS via CSRF	13 Jul 202406:00	–	cvelist
Vulnrichment	CVE-2024-5033 SULly < 4.3.1 - Admin+ Stored XSS via CSRF	13 Jul 202406:00	–	vulnrichment
CVE	CVE-2024-5033	13 Jul 202406:15	–	cve
Patchstack	WordPress SULly Plugin < 4.3.1 is vulnerable to Cross Site Request Forgery (CSRF)	15 Jul 202400:00	–	patchstack
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)	27 Jun 202415:00	–	wordfence

Source	Link
wpscan	www.wpscan.com/vulnerability/dd42765a-1300-453f-9835-6e646c87e496/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2024 06:15Current

CVSS35.9

EPSS0.00043