3 matches found
CVE-2024-4899
The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2024-4899 SEOPress < 7.8 - Contributor+ Stored XSS
The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
WordPress SEOPress Plugin < 7.8 is vulnerable to Cross Site Scripting (XSS)
Software SEOPress Type Plugin Vulnerable versions 7.8 Fixed in 7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4899 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a4a83ee6addf Credits Dmirtii Ignatyev Required privilege...