2 matches found
CVE-2024-9017
CVE-2024-9017 : The PeepSo Core: Groups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Group Description field in all versions up to and including 6.4.6.0. Exploitation requires authenticated access at Subscriber level or higher, enabling an attacker to inject scripts t...
WordPress PeepSo Core: Groups plugin <= 6.4.6.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Group Description vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via Group Description vulnerability discovered by Bikram Kharal in WordPress Plugin PeepSo Core: Groups versions = 6.4.6.0...