Lucene search
+L

5 matches found

Patchstack
Patchstack
added 2025/05/19 2:57 a.m.11 views

WordPress Hustle plugin < 7.8.5 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Hustle versions 7.8.5...

4.8CVSS6AI score0.0032EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.11 views

CVE-2024-8492

The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS0.0032EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.10 views

CVE-2024-8492 Hustle < 7.8.5 - Admin+ Stored XSS

The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

6.2AI score0.0032EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.31 views

CVE-2024-8492

The Hustle WordPress plugin (≤ 7.8.5) is vulnerable to Admin+ Stored XSS due to insufficient sanitisation/escaping of certain settings, enabling high-privilege users (e.g., editors) to execute scripts even with unfiltered_html disallowed. Impact is limited to XSS within the plugin context; no exp...

4.8CVSS5.7AI score0.0032EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.23 views

CVE-2024-8492 Hustle < 7.8.5 - Admin+ Stored XSS

The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

0.0032EPSS
Exploits1References1
Rows per page
Query Builder