6 matches found
CVE-2024-24839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
CVE-2024-24839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
CVE-2024-24839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
CVE-2024-24839
CVE-2024-24839 affects the WordPress plugin "Structured Content (JSON-LD)" (formerly known as Structured Content, wpsc). The issue is an authenticated Stored XSS (Contributor+ and above) via the plugin’s Classic Editor Shortcode, due to improper input sanitization/output escaping for JSON-LD cont...
CVE-2024-24839 WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...
WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Structured Content Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24839 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 74b9c66453a9 Credits LVT-tholv2k Required privilege...