Lucene search
CaonWPEX-ID:CEE66543-B5D6-4205-8F9B-0FEBD7FEE445HistoryMay 30, 2024 - 12:00 a.m.
Responsive video embed < 0.5.1 - Contributor+ Stored XSS
2024-05-3000:00:00
caon
41
stored xss
responsive video
update reminder
exploit
poc display date
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
As a contributor, create a post with the following shortcode: [rve src='" onload=alert(/XSS/) " ']
The XSS will be triggered when any user will (pre)view the postRelated
nvd
nvd
CVE-2024-5475
2024-06-20 06:15:10
vulnrichment
vulnrichment
CVE-2024-5475 Responsive video embed < 0.5.1 - Contributor+ Stored XSS
2024-06-20 06:00:03
cve
cve
CVE-2024-5475
2024-06-20 06:15:10
cvelist
cvelist
CVE-2024-5475 Responsive video embed < 0.5.1 - Contributor+ Stored XSS
2024-06-20 06:00:03
wpvulndb
wpvulndb
Responsive video embed < 0.5.1 - Contributor+ Stored XSS
2024-05-30 00:00:00
wordfence
wordfence
AI Score
8.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for WPEX-ID:CEE66543-B5D6-4205-8F9B-0FEBD7FEE445