3 matches found
CVE-2024-11902
creationtimestamp| type| source ---|---|--- 2024-12-16 23:32:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113665111737557669 2024-12-17 01:44:10+00:00| seen| https://t.me/cvedetector/13058...
CVE-2024-11902
CVE-2024-11902 affects the Slope Widgets WordPress plugin. The issue is a Stored Cross-Site Scripting vulnerability via the plugin’s slope-reservations shortcode, present in all versions up to 4.2.11, caused by insufficient input sanitization and output escaping of user-supplied attributes. Conse...
CVE-2024-11902 Slope Widgets <= 4.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode in all versions up to, and including, 4.2.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...