CVE-2024-13462

The WP Wiki Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wiki' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13462 WP Wiki Tooltip <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP Wiki Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wiki' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13462

CVE-2024-13462 (WP Wiki Tooltip, WordPress) : Stored XSS via the wiki shortcode in all versions up to 2.0.2; requires authenticated access at contributor level or higher to inject scripts, which execute when users load the affected pages. Connected data indicates a potential fix in 2.0.3, but ini...

CVE-2024-13462 WP Wiki Tooltip <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP Wiki Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wiki' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...