CVE-2024-29807

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26...

CVE-2024-29807 WordPress DearFlip plugin <= 2.2.26 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26...

CVE-2024-29807

CVE-2024-29807 is a Stored XSS vulnerability in the DearFlip DearFlip WordPress plugin (DearFlip). The issue arises from improper neutralization of input during web page generation, enabling attacker-supplied input to be stored and later executed in the context of the victim’s browser. Affected p...

WordPress DearFlip Plugin <= 2.2.26 is vulnerable to Cross Site Scripting (XSS)

Software DearFlip Type Plugin Vulnerable versions = 2.2.26 Fixed in 2.2.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29807 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 59b13b8a28ca Credits emad Required privilege Contributor Publish...