Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 9:59 a.m.21 views

CVE-2024-1658

The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.9AI score0.00379EPSS
Exploits2References1
nvd
nvd
added 2024/03/18 4:15 p.m.17 views

CVE-2024-1658

The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.6AI score0.00379EPSS
Exploits2References1
vulnrichment
vulnrichment
added 2024/03/18 3:15 p.m.13 views

CVE-2024-1658 Grid Shortcodes < 1.1.1 - Contributor+ Stored XSS

The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.9AI score0.00379EPSS
Exploits2References1
cve
cve
added 2024/03/18 3:15 p.m.70 views

CVE-2024-1658

CVE-2024-1658 affects the Grid Shortcodes WordPress plugin prior to 1.1.1. The root cause is that the plugin does not validate and escape certain shortcode attributes before outputting them in a page/post, enabling a Stored XSS when the shortcode is embedded. Impact: users with the contributor ro...

5.4CVSS5.8AI score0.00379EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder