3 matches found
WordPress Supreme Modules Lite Plugin <= 2.5.51 is vulnerable to Cross Site Scripting (XSS)
Software Supreme Modules Lite Type Plugin Vulnerable versions = 2.5.51 Fixed in 2.5.52 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5501 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 63defc519dda Credits Ngô Thiên An anco...
CVE-2024-5501
The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttononeid’ parameter in all versions up to, and including, 2.5.51 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5501
CVE-2024-5501 affects the Supreme Modules Lite plugin family for WordPress (Divi Theme, Extra Theme and Divi Builder). It is a Stored Cross-Site Scripting (XSS) vulnerability via the button_one_id parameter in all versions up to 2.5.51. Exploitation requires Contributor+ privileges on an authenti...