5 matches found
CVE-2024-35699
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699 WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699 WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8...
CVE-2024-35699
CVE-2024-35699 is a Stored XSS flaw in HT Feed (HasThemes) affecting HT Feed versions up to 1.2.8. The issue arises from improper input neutralization during web page generation, enabling authenticated users to inject scripts. Red Hat/ENISA Wordfence context confirms the vulnerability and notes a...
WordPress HT Feed Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software HT Feed Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35699 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9f74b2cf8eb8 Credits LVT-tholv2k Required privilege Contributor...