Lucene search
K

4 matches found

NVD
NVD
added 2024/03/28 5:15 a.m.19 views

CVE-2024-0673

The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

6.1CVSS5.7AI score0.00467EPSS
Exploits2References1
CVE
CVE
added 2024/03/28 5:0 a.m.76 views

CVE-2024-0673

CVE-2024-0673 affects the WordPress plugin Pz-LinkCard up to version 2.5.1. The issue is that the plugin does not sanitise and escape some settings, enabling high-privilege users (e.g., Administrators) to perform Cross-Site Scripting, even when unfiltered_html is disallowed. Public details from m...

6.1CVSS6AI score0.00467EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/28 5:0 a.m.16 views

CVE-2024-0673 Pz-LinkCard <= 2.5.1 - Admin+ Stored XSS

The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

6.2AI score0.00467EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/28 5:0 a.m.21 views

CVE-2024-0673 Pz-LinkCard <= 2.5.1 - Admin+ Stored XSS

The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.8AI score0.00467EPSS
Exploits2References1
Rows per page
Query Builder