4 matches found
CVE-2024-11266
creationtimestamp| type| source ---|---|--- 2025-05-20 19:42:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17053...
WordPress Geocache Stat Bar Widget plugin <= 0.911 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Geocache Stat Bar Widget versions = 0.911...
CVE-2024-11266 Geocache Stat Bar Widget <= 0.911 - Admin+ Stored XSS
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11266
CVE-2024-11266 concerns the Geocache Stat Bar Widget WordPress plugin, up to version 0.911, which does not sufficiently sanitize/escape certain settings. This can let high-privilege users (e.g., admins) perform Stored Cross-Site Scripting even when unfiltered_html is disallowed, particularly in m...