7 matches found
WordPress Grey Opaque theme <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Download-Button Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Download-Button Shortcode vulnerability discovered by Francesco Carlucci in WordPress Theme Grey Opaque versions = 2.0.1...
WordPress Grey Opaque Theme <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Grey Opaque Type Theme Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5966 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 60fbde1ccdb0 Credits Francesco Carlucci Required...
CVE-2024-5966
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Download-Button shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-5966
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Download-Button shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-5966
The CVE-2024-5966 entry concerns the Grey Opaque WordPress theme. It is vulnerable to Stored Cross-Site Scripting via the url parameter in the theme’s Download-Button shortcode, affecting all versions up to and including 2.0.1. The issue arises from insufficient input sanitization and output esca...
CVE-2024-5966 Grey Opaque <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Download-Button Shortcode
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Download-Button shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Plugin Grey Opaque Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exists in...