2 matches found
CVE-2024-1723
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.58.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor acce...
WordPress SiteOrigin Widgets Bundle Plugin <= 1.58.7 is vulnerable to Cross Site Scripting (XSS)
Software SiteOrigin Widgets Bundle Type Plugin Vulnerable versions = 1.58.7 Fixed in 1.58.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1723 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e694b5dcc55d Credits wesley wcraf...