4 matches found
CVE-2024-30557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2...
CVE-2024-30557 WordPress Aesop Story Engine plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2...
CVE-2024-30557
The connected record for CVE-2024-30557 indicates a stored cross-site scripting flaw in Aesop Story Engine for WordPress, up to version 2.3.2. Root cause: improper neutralization of input during web page generation. Access requires authentication (Contributor+). Impact per docs: stored XSS, with ...
WordPress Aesop Story Engine Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Aesop Story Engine Type Plugin Vulnerable versions = 2.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30557 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eb3a9b3ded2e Credits LVT-tholv2k Required privilege...