4 matches found
CVE-2024-5802
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-5802 URL Shortener by MyThemeShop <= 1.0.17 - Admin+ Stored XSS
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-5802
The CVE-2024-5802 entry applies to the WordPress plugin URL Shortener by Myhop (also cited as MyThemeShop) for versions
WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS)
Software URL Shortener by MyThemeShop Type Plugin Vulnerable versions = 1.0.17 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5802 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 171657501903 Credits Sandeep...