3 matches found
CVE-2024-2968
The WP-Eggdrop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2024-2968
CVE-2024-2968 affects the WP-Eggdrop WordPress plugin. The vulnerability is a Stored Cross-Site Scripting flaw in admin settings across all versions up to 0.1, due to insufficient input sanitization and output escaping. It requires authenticated access (administrator-level) and affects multisite ...
WordPress WP-Eggdrop Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)
Software WP-Eggdrop Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2968 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 803cdc78c1d9 Credits Benedictus Jovan Required privile...