Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:58 a.m.6 views

CVE-2024-1331

The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks...

6.1CVSS5.9AI score0.00443EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/03/19 12:0 a.m.7 views

WordPress Team Members Plugin < 5.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Team Members Type Plugin Vulnerable versions 5.3.2 Fixed in 5.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1331 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fdcd0cb6fba4 Credits Dmitrii Ignatyev Required...

6.1CVSS6AI score0.00443EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/18 3:15 p.m.14 views

CVE-2024-1331 Team Members < 5.3.2 - Author+ Stored XSS

The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks...

6AI score0.00443EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/18 3:15 p.m.21 views

CVE-2024-1331 Team Members < 5.3.2 - Author+ Stored XSS

The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00443EPSS
Exploits2References1
CVE
CVE
added 2024/03/18 3:15 p.m.70 views

CVE-2024-1331

CVE-2024-1331 affects the Team Members WordPress plugin prior to version 5.3.2. The vulnerability arises because certain shortcode attributes are not validated or escaped before being output in a post/page where the shortcode is embedded. This can allow users with the author role or higher to per...

6.1CVSS5.9AI score0.00443EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder