CVE-2024-11387

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elbliveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-11387

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elbliveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-11387 Easy Liveblogs <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elbliveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-11387

The CVE-2024-11387 issue affects the WordPress plugin Easy Liveblogs (shortcode elb_liveblog) up to version 2.3.5. Root cause: insufficient input sanitization and output escaping on user-supplied attributes, enabling Stored Cross-Site Scripting. Impact: authenticated users with contributor-level ...

EUVD-2024-33789

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elbliveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-11387 Easy Liveblogs <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elbliveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

WordPress plugin Easy Liveblogs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Easy Liveblogs plugin <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Easy Liveblogs versions = 2.3.5...

WordPress Easy Liveblogs Plugin <= 2.3.5 is vulnerable to Cross Site Scripting (XSS)

Software Easy Liveblogs Type Plugin Vulnerable versions = 2.3.5 Fixed in 2.3.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11387 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6da863109659 Credits SOPROBRO Required...

PT-2024-16951 · WordPress · Easy Liveblogs

Name of the Vulnerable Software and Affected Versions: Easy Liveblogs plugin for WordPress versions up to, and including, 2.3.5 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'elb liveblog' shortcode due to insufficient input sanitization and output escaping on...