4 matches found
CVE-2024-1323
creationtimestamp| type| source ---|---|--- 2024-02-27 06:21:59+00:00| seen| https://t.me/ctinow/194022 2024-02-27 06:21:59+00:00| seen| https://t.me/ctinow/194023 2024-03-14 11:21:26+00:00| seen| https://t.me/ctinow/207636...
CVE-2024-1323 Orbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Type Grid Widget Title in all versions up to, and including, 2.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-1323
CVE-2024-1323 affects Orbit Fox by ThemeIsle (WordPress). Stored XSS via the Post Type Grid Widget Title in versions up to 2.10.30 occurs due to insufficient input sanitization and output escaping of user attributes. Exploitation requires authentication at Contributor+ level; attacker could injec...
WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.31 is vulnerable to Cross Site Scripting (XSS)
Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.31 Fixed in 2.10.32 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1323 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 18903688a247 Credits Webbernaut...