8 matches found
CVE-2024-6639
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2024-6639
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2024-6639
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2024-6639 MDx <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2024-6639 MDx <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress MDx theme <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via mdxlistitem Shortcode vulnerability discovered by Carson Chan in WordPress Theme MDx versions = 2.0.3...
PT-2024-37768 · WordPress · Mdx Theme
Name of the Vulnerable Software and Affected Versions: MDx theme for WordPress versions up to, and including, 2.0.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'mdx list item' shortcode due to insufficient input sanitization and output escaping on user-suppli...
MDx < 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode
Description The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...