4 matches found
WordPress Advanced Social Feeds Widget & Shortcode Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Social Feeds Widget & Shortcode Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0951 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 185d76acedb2 Credits...
CVE-2024-0951
CVE-2024-0951 affects the WordPress plugin Advanced Social Feeds Widget & Shortcode (versions
WordPress Plugin Advanced Social Feeds Widget & Shortcode Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-15931 · WordPress · The Advanced Social Feeds Widget & Shortcode
Name of the Vulnerable Software and Affected Versions: The Advanced Social Feeds Widget & Shortcode WordPress plugin versions 1.7 and earlier Description: The issue concerns the lack of sanitization and escaping of some settings in the plugin, which could allow high-privilege users, such as admin...