Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:10 a.m.6 views

CVE-2024-12872

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.7AI score0.00257EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/01/31 8:32 a.m.5 views

WordPress Zalomení plugin <= 1.5 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Taufique Noorani in WordPress Plugin Zalomení versions = 1.5...

4.8CVSS6.1AI score0.00257EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/01/31 6:15 a.m.22 views

CVE-2024-12872

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00257EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/31 6:0 a.m.17 views

CVE-2024-12872 Zalomení <= 1.5 - Admin+ Stored XSS

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00257EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/31 6:0 a.m.12 views

CVE-2024-12872 Zalomení <= 1.5 - Admin+ Stored XSS

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00257EPSS
Exploits1References1
CVE
CVE
added 2025/01/31 6:0 a.m.52 views

CVE-2024-12872

CVE-2024-12872 affects the Zalomení WordPress plugin (versions up to 1.5). The issue stems from insufficient sanitisation/escaping of certain settings, allowing a high-privilege user (e.g., an admin) to perform Stored Cross-Site Scripting, even when unfiltered_html is disallowed (notably in multi...

4.8CVSS5.4AI score0.00257EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder