WordPress Breakdance plugin <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Breakdance versions = 1.7.2...

WordPress Breakdance Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)

Software Breakdance Type Plugin Vulnerable versions = 1.7.2 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5330 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6840d8f5eb2f Credits Francesco Carlucci Required...

WordPress Breakdance Plugin <= 1.7.1 is vulnerable to Remote Code Execution (RCE)

Software Breakdance Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-4605 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 7a57cfb648b8 Credits Francesco Carlucci Required privilege...

WordPress Breakdance Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Breakdance Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-6854 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0b7ea50f2b37 Credits Francesco Carlucci Required privilege...

WordPress Breakdance plugin <= 1.7.2 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability discovered by Snicco in WordPress Plugin Breakdance versions = 1.7.2...