2 matches found
WordPress Webmention plugin <= 5.6.2 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Duong Quang Hao in WordPress Plugin Webmention versions = 5.6.2...
CVE-2024-5763
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videodate attribute within the plugin's Video widget in all versions up to, and including, 5.6.2 due to insufficient inpu...