3 matches found
CVE-2024-0254
The Simply Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-0254
CVE-2024-0254 affects the WordPress plugin (Simply) Guest Author Name, vulnerable up to version 4.34 due to insufficient input sanitization and output escaping in post meta. This enables stored cross-site scripting by authenticated users with contributor-level permissions (or higher) and page loa...
CVE-2024-0254 (Simply) Guest Author Name <= 4.34 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Simply Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...