WordPress Mosaic theme <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Button Shortcode vulnerability discovered by Francesco Carlucci in WordPress Theme Mosaic versions = 1.7.1...

WordPress Mosaic Theme <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Mosaic Type Theme Vulnerable versions = 1.7.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5965 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1e09a8bc3e16 Credits Francesco Carlucci Required privileg...