5 matches found
CVE-2024-24928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
CVE-2024-24928
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
CVE-2024-24928
CVE-2024-24928 affects the WordPress plugin Content Cards (versions up to 0.9.7). The issue is an unauthorized input handling flaw that enables Stored XSS via shortcode when rendering pages, due to insufficient input sanitization/output escaping by the plugin. The Wordfence vulnerability record f...
CVE-2024-24928 WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7...
WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
Software Content Cards Type Plugin Vulnerable versions = 0.9.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24928 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6115f90df15e Credits Ngô Thiên An ancorn from VNPT-VCI Required...