2 matches found
CVE-2024-54434 WordPress phZoom plugin <= 1.2.92 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in BenJemin phZoom phzoom allows Stored XSS.This issue affects phZoom: from n/a through = 1.2.92...
CVE-2024-54434
CVE-2024-54434 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin phZoom (Phoetry) that leads to Stored XSS. Affected: phZoom versions up to 1.2.92. Root cause: CSRF allowing stored XSS payloads, as stated in the description. Impact: Stored XSS risk in sites using...