3 matches found
CVE-2024-39682
CVE-2024-39682 affects the Cooked – Recipe Management WordPress plugin. It enables HTML Injection due to insufficient input sanitization and output escaping in versions up to and including 1.7.15.4. Exploitation requires authenticated access at contributor level or higher, and injected HTML would...
CVE-2024-39682 WordPress Cooked Plugin - Authenticated (Contributor+) HTML Injection via Recipe Excerpt
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.7.15.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access and above...
CVE-2024-39682 WordPress Cooked Plugin - Authenticated (Contributor+) HTML Injection via Recipe Excerpt
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.7.15.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access and above...