2 matches found
WordPress Phlox plugin <= 2.17.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via data-caption HTML Attribute vulnerability discovered by Webbernaut in WordPress Theme Phlox versions = 2.17.7...
CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.4...