4 matches found
CVE-2024-12207
creationtimestamp| type| source ---|---|--- 2025-01-07 04:39:06+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/323 2025-01-07 05:16:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vgoccj42i 2025-01-07 07:10:23+00:00| seen| https://t.me/cvedetector/14461...
CVE-2024-12207 Toggles Shortcode and Widget <= 1.14 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Toggles Shortcode and Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-12207 Toggles Shortcode and Widget <= 1.14 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Toggles Shortcode and Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-12207
CVE-2024-12207 : The Toggles Shortcode and Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the content parameter in all versions up to 1.14. Exploitation requires authenticated administrator access and affects multisite installations and sites where unfiltered_html is...