6 matches found
CVE-2024-11843
creationtimestamp| type| source ---|---|--- 2025-05-20 19:43:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17063...
WordPress Panorama – WordPress Project Management Plugin plugin <= 1.5.1 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Panorama – WordPress Project Management Plugin versions = 1.5.1...
CVE-2024-11843
The Panorama WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11843 Panorama – WordPress Project Management Plugin <= 1.5.1 - Admin+ Stored XSS
The Panorama WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11843 Panorama – WordPress Project Management Plugin <= 1.5.1 - Admin+ Stored XSS
The Panorama WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11843
CVE-2024-11843 affects the Panorama WordPress plugin up to version 1.5.1. The vulnerability arises because the plugin does not sanitize and escape certain settings, enabling Stored XSS when administered by high-privilege users (admin), even if unfiltered_html is disallowed (e.g., in multisite). A...