5 matches found
CVE-2024-11229
The 코드엠샵 소셜톡 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's addplusfriends and addplustalk shortcodes in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11229
creationtimestamp| type| source ---|---|--- 2024-11-23 11:42:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113532087565057168...
CVE-2024-11229 코드엠샵 소셜톡 <= 1.1.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via add_plus_friends and add_plus_talk Shortcodes
The 코드엠샵 소셜톡 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's addplusfriends and addplustalk shortcodes in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11229 코드엠샵 소셜톡 <= 1.1.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via add_plus_friends and add_plus_talk Shortcodes
The 코드엠샵 소셜톡 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's addplusfriends and addplustalk shortcodes in all versions up to, and including, 1.1.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress 코드엠샵 소셜톡 Plugin <= 1.1.18 is vulnerable to Cross Site Scripting (XSS)
Software 코드엠샵 소셜톡 Type Plugin Vulnerable versions = 1.1.18 Fixed in 1.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11229 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 68c0c2cab457 Credits Peter Thaleikis Required...