5 matches found
CVE-2024-11388
The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...
CVE-2024-11388
creationtimestamp| type| source ---|---|--- 2024-11-21 03:22:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113518796515663612 2024-11-22 16:50:38+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9139...
CVE-2024-11388 Dino Game – Embed Google Chrome Dinosaur Game in WordPress <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...
CVE-2024-11388 Dino Game – Embed Google Chrome Dinosaur Game in WordPress <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...
WordPress Dino Game Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Dino Game Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11388 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3063a938b1ce Credits SOPROBRO Required privilege...