Lucene search
K

6 matches found

OSV
OSV
added 2024/06/21 6:15 a.m.4 views

CVE-2024-4377

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00315EPSS
Exploits2References1
NVD
NVD
added 2024/06/21 6:15 a.m.28 views

CVE-2024-4377

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1CVSS0.00315EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/21 6:0 a.m.24 views

CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00315EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/06/21 6:0 a.m.19 views

CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00315EPSS
Exploits2References1
CVE
CVE
added 2024/06/21 6:0 a.m.63 views

CVE-2024-4377

CVE-2024-4377 affects the DOP Shortcodes WordPress plugin (versions

6.1CVSS5.5AI score0.00315EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/06/21 12:0 a.m.14 views

WordPress DOP Shortcodes Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software DOP Shortcodes Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4377 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 358272ad2236 Credits Bob Matyas Required privilege...

6.1CVSS5.7AI score0.00315EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder