4 matches found
CVE-2024-5582
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-5582 Schema & Structured Data for WP & AMP <= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attribute...
CVE-2024-5582 Schema & Structured Data for WP & AMP <= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attribute...
WordPress Schema & Structured Data for WP & AMP Plugin <= 1.33 is vulnerable to Cross Site Scripting (XSS)
Software Schema & Structured Data for WP & AMP Type Plugin Vulnerable versions = 1.33 Fixed in 1.34.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5582 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6eff26d1a4e3 Credits...