4 matches found
CVE-2024-9600
The Ditty WordPress plugin before 3.1.47 does not sanitise and escape some of its settings, which could allow high privilege users such as author to perform Stored Cross-Site Scripting attacks...
CVE-2024-9600 Ditty < 3.1.47 - Author+ Stored XSS
The Ditty WordPress plugin before 3.1.47 does not sanitise and escape some of its settings, which could allow high privilege users such as author to perform Stored Cross-Site Scripting attacks...
CVE-2024-9600
CVE-2024-9600 affects the Ditty WordPress plugin (versions before 3.1.47). The issue is stored XSS caused by insufficient sanitisation/escaping of certain settings, allowing high-privilege users (e.g., authors) to execute script in the context of an admin. Public details from multiple sources (NV...
CVE-2024-9600 Ditty < 3.1.47 - Author+ Stored XSS
The Ditty WordPress plugin before 3.1.47 does not sanitise and escape some of its settings, which could allow high privilege users such as author to perform Stored Cross-Site Scripting attacks...