2 matches found
CVE-2024-4419
CVE-2024-4419 – Fetch JFT (WordPress) stored XSS in all versions up to 1.8.3. Root cause: insufficient input sanitization and output escaping in admin/settings, enabling authenticated attackers with administrator-level permissions to inject scripts that run when users view injected pages. Affecte...
WordPress Fetch JFT Plugin <= 1.8.3 is vulnerable to Cross Site Scripting (XSS)
Software Fetch JFT Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4419 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 70f08e1c695e Credits Benedictus Jovan aillesiM...