5 matches found
WordPress Post Grid, Post Carousel, & List Category Posts plugin < 2.4.28 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Post Grid, Post Carousel, & List Category Posts – by Smart Post Show versions 2.4.28...
CVE-2024-3996
creationtimestamp| type| source ---|---|--- 2025-05-15 20:33:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16561...
CVE-2024-3996
The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-3996 Post Grid, Post Carousel, & List Category Posts < 2.4.28 - Editor+ Stored XSS
The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-3996 Post Grid, Post Carousel, & List Category Posts < 2.4.28 - Editor+ Stored XSS
The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...