CVE-2024-5444

The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2024-5444 Bible Text <= 0.2 - Contributor+ Stored XSS

The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Bible Text security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, WordPress is a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin...

WordPress Bible Text plugin <= 0.2 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Bible Text versions = 0.2...

WordPress Bible Text Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS)

Software Bible Text Type Plugin Vulnerable versions = 0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5444 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d17108b2186b Credits Bob Matyas Required privilege...