2 matches found
CVE-2024-3984 EmbedSocial – Social Media Feeds, Reviews and Galleries <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting
The EmbedSocial – Social Media Feeds, Reviews and Galleries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedsocialreviews' shortcode in all versions up to, and including, 1.1.29 due to insufficient input sanitization and output escaping on user supplied...
WordPress EmbedSocial Plugin <= 1.1.29 is vulnerable to Cross Site Scripting (XSS)
Software EmbedSocial Type Plugin Vulnerable versions = 1.1.29 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3984 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9b4cd9d91bb7 Credits Krzysztof Zając Required...