Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/05/19 1:57 a.m.12 views

WordPress Stylish Price List plugin < 7.1.8 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Stylish Price List versions 7.1.8...

4.8CVSS6.1AI score0.00266EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.11 views

CVE-2024-7758

The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...

4.8CVSS0.00266EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.9 views

CVE-2024-7758 Stylish Price List < 7.1.8 - Contributor+ Stored XSS

The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...

5.8AI score0.00266EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.30 views

CVE-2024-7758

CVE-2024-7758 — WordPress Stylish Price List plugin : The plugin before version 7.1.8 does not adequately sanitize and escape certain settings, enabling potential stored XSS for high-privilege users (contributors and above) even when the unfiltered_html capability is disallowed (e.g., in multisit...

4.8CVSS5.7AI score0.00266EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder