2 matches found
WordPress Advanced Sermons Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Sermons Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50458 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0e069038bb43 Credits SOPROBRO Required privilege Contributor...
PT-2023-15522 · WordPress · Wp Google My Business Auto Publish
Name of the Vulnerable Software and Affected Versions: WP Google My Business Auto Publish WordPress plugin versions prior to 3.4 Description: The issue allows users with a role as low as contributor to perform a Stored Cross-Site Scripting attack due to the plugin not validating and escaping one ...