2 matches found
WordPress Nested Pages plugin <= 3.2.8 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Nested Pages versions = 3.2.8...
CVE-2024-8759
The Nested Pages WordPress plugin before 3.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...