Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/01/07 9:19 a.m.10 views

CVE-2024-2309

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...

4.8CVSS5.6AI score0.00423EPSS
Exploits2References1
nvd
nvd
added 2024/04/17 5:15 a.m.20 views

CVE-2024-2309

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...

4.8CVSS5.4AI score0.00423EPSS
Exploits2References1
vulnrichment
vulnrichment
added 2024/04/17 5:0 a.m.12 views

CVE-2024-2309 WP Staging < 3.4.0, 5.4.0 (Pro Version) - Admin+ Stored XSS

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...

5.6AI score0.00423EPSS
Exploits2References1
cvelist
cvelist
added 2024/04/17 5:0 a.m.30 views

CVE-2024-2309 WP Staging < 3.4.0, 5.4.0 (Pro Version) - Admin+ Stored XSS

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml...

5.5AI score0.00423EPSS
Exploits2References1
patchstack
patchstack
added 2024/04/17 12:0 a.m.10 views

WordPress Wp Staging Pro Plugin < 5.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Wp Staging Pro Type Plugin Vulnerable versions 5.4.0 Fixed in 5.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2309 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5ceb32027563 Credits Dmitrii Ignatyev Required...

4.8CVSS5AI score0.00423EPSS
Exploits2References3Affected Software1
patchstack
patchstack
added 2024/04/17 12:0 a.m.9 views

WordPress WP STAGING – Backup Duplicator & Migration Plugin < 3.4.0 is vulnerable to Cross Site Scripting (XSS)

Software WP STAGING – Backup Duplicator & Migration Type Plugin Vulnerable versions 3.4.0 Fixed in 3.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2309 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 311188063c0d Credits...

4.8CVSS5AI score0.00423EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder