2 matches found
CVE-2024-2126
The CVE-2024-2126 entry concerns Orbit Fox by ThemeIsle (WordPress plugin). A Stored Cross-Site Scripting (XSS) flaw exists in the Registration Form Widget across all versions up to and including 2.10.32, caused by insufficient input sanitization and output escaping. Exploitation requires authent...
WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.32 is vulnerable to Cross Site Scripting (XSS)
Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.32 Fixed in 2.10.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2126 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 112915e33a62 Credits wesley wcraft...