WordPress NinjaTeam Header Footer Custom Code plugin <= 1.2 - Admin+ Stored XSS via CSS Styles vulnerability

Admin+ Stored XSS via CSS Styles vulnerability discovered by Bob Matyas in WordPress Plugin NinjaTeam Header Footer Custom Code versions = 1.2...

WordPress NinjaTeam Header Footer Custom Code plugin < 1.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Takshal Patel in WordPress Plugin NinjaTeam Header Footer Custom Code versions 1.2...

CVE-2024-6493

The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2024-6617

CVE-2024-6617 : NinjaTeam Header Footer Custom Code WordPress plugin (

CVE-2024-6493 NinjaTeam Header Footer Custom Code < 1.2 - Admin+ Stored XSS

The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2024-6617 NinjaTeam Header Footer Custom Code <= 1.2 - Admin+ Stored XSS via CSS Styles

The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

PT-2024-37750 · WordPress · Ninjateam Header Footer Custom Code

Name of the Vulnerable Software and Affected Versions: NinjaTeam Header Footer Custom Code WordPress plugin versions prior to 1.2 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not...