WordPress Advanced Sermons Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Sermons Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50458 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0e069038bb43 Credits SOPROBRO Required privilege Contributor...

CVE-2024-7599

The Advanced Sermons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sermonvideoembed’ parameter in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Advanced Sermons plugin <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Advanced Sermons versions = 3.3...

WordPress Advanced Sermons Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Sermons Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29928 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bc2c7d256317 Credits Dhabaleshwar Das Required privilege...

WordPress Advanced Sermons Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Sermons Type Plugin Vulnerable versions = 3.2 Fixed in 3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27952 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b2bcdc917d74 Credits Le Ngoc Anh Required privilege...