2 matches found
CVE-2024-2436
The CVE-2024-2436 entry concerns the Lightweight Accordion WordPress plugin. It describes a stored XSS in the plugin’s shortcodes caused by insufficient input sanitization and output escaping on user-supplied attributes, affecting all versions up to and including 1.5.16. The vulnerability require...
WordPress Lightweight Accordion Plugin <= 1.5.16 is vulnerable to Cross Site Scripting (XSS)
Software Lightweight Accordion Type Plugin Vulnerable versions = 1.5.16 Fixed in 1.5.17 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2436 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b6e6c77a276d Credits Krzysztof Zając...