2 matches found
CVE-2024-1070
creationtimestamp| type| source ---|---|--- 2024-03-04 06:42:06+00:00| seen| https://t.me/ctinow/199021...
CVE-2024-1070
CVE-2024-1070 concerns the SiteOrigin Widgets Bundle plugin for WordPress. It describes a Stored XSS via the features attribute in all versions up to 1.58.2 caused by insufficient input sanitization and output escaping. The vulnerability permits authenticated attackers with contributor+ privilege...