Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 8:1 a.m.9 views

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS5.7AI score0.00374EPSS
Exploits1References1
patchstack
patchstack
added 2024/07/15 12:0 a.m.15 views

WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...

4.8CVSS5.8AI score0.00374EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2024/07/13 6:15 a.m.25 views

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS0.00374EPSS
Exploits1References1
cvelist
cvelist
added 2024/07/13 6:0 a.m.27 views

CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

0.00374EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/07/13 6:0 a.m.16 views

CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

5.8AI score0.00374EPSS
Exploits1References1
Rows per page
Query Builder