2 matches found
WordPress Reviews and Rating – Google My Business Plugin <= 5.2 is vulnerable to Cross Site Scripting (XSS)
Software Reviews and Rating – Google My Business Type Plugin Vulnerable versions = 5.2 Fixed in 5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5218 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e783e142cbef Credits wesl...
CVE-2024-5218 Reviews and Rating – Google Reviews <= 5.2 - Authenticated (Author+) Stored Cross-Site Scripting
The Reviews and Rating – Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...