2 matches found
CVE-2024-5600 Happy SCSS Compiler - Compile SCSS to CSS automatically <= 1.3.10 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
The SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check and insufficient sanitization on the importsettings function in all versions up to, and including, 1.3.10. This makes it possible f...
CVE-2024-5600
CVE-2024-5600 concerns the WordPress plugin “SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue.” The vulnerability is a Stored Cross-Site Scripting (XSS) due to a missing capability check and insufficient sanitization in the import_settings() function. It affects all versions up to an...