Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 1:30 a.m.7 views

WordPress If-So Dynamic Content Personalization plugin < 1.8.0.3 - Contributor+ Shortcode Stored XSS vulnerability

Contributor+ Shortcode Stored XSS vulnerability discovered by Felipe Caon in WordPress Plugin If-So Dynamic Content Personalization versions 1.8.0.3...

5.4CVSS6.1AI score0.00254EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:3 p.m.9 views

CVE-2024-5440

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.4CVSS5.9AI score0.00254EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.8 views

CVE-2024-5440

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.4CVSS0.00254EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.11 views

CVE-2024-5440 If-So Dynamic Content Personalization < 1.8.0.3 - Contributor+ Shortcode Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

5.5AI score0.00254EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.34 views

CVE-2024-5440

Affected software: WordPress plugin If-So Dynamic Content Personalization, versions prior to 1.8.0.3. Vulnerability: The plugin does not validate and escape certain shortcode attributes before outputting them on the page/post where the shortcode is embedded, enabling Stored XSS if exploited. Impa...

5.4CVSS5.9AI score0.00254EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder