Lucene search
+L

4 matches found

NVD
NVD
added 2024/03/31 8:15 p.m.18 views

CVE-2024-30557

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/31 7:42 p.m.28 views

CVE-2024-30557 WordPress Aesop Story Engine plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/03/31 7:42 p.m.61 views

CVE-2024-30557

The connected record for CVE-2024-30557 indicates a stored cross-site scripting flaw in Aesop Story Engine for WordPress, up to version 2.3.2. Root cause: improper neutralization of input during web page generation. Access requires authentication (Contributor+). Impact per docs: stored XSS, with ...

6.5CVSS8.6AI score0.0032EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.8 views

WordPress Aesop Story Engine Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Aesop Story Engine Type Plugin Vulnerable versions = 2.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30557 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eb3a9b3ded2e Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder