5 matches found
CVE-2024-0719
The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2024-0719 Tabs Shortcode and Widget <= 1.17 - Contributor+ Stored Cross-Site Scripting
The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
CVE-2024-0719
CVE-2024-0719 affects Tabs Shortcode and Widget for WordPress (
CVE-2024-0719 Tabs Shortcode and Widget <= 1.17 - Contributor+ Stored Cross-Site Scripting
The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
WordPress Tabs Shortcode and Widget Plugin <= 1.17 is vulnerable to Cross Site Scripting (XSS)
Software Tabs Shortcode and Widget Type Plugin Vulnerable versions = 1.17 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0719 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b7bc2e300121 Credits Dmitrii Ignatyev...