Lucene search
WpvulndbWPVDB-ID:2C1B3942-5234-4523-99A7-2606E20349B5HistoryJan 31, 2024 - 12:00 a.m.
SiteOrigin Widgets Bundle < 1.58.2 - Contributor+ Stored XSS
2024-01-3100:00:00
wpscan.com
7
siteorigin widgets bundle
stored xss
contributor access
Description The plugin is vulnerable to Stored Cross-Site Scripting via the code editor due to insufficient input sanitization and output escaping, allowing authenticated attackers, with contributor access or higher, to perform Stored XSS attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 1.58.2 |
Related
prion
prion
Cross site scripting
2024-02-05 22:16:00
cvelist
cvelist
CVE-2024-0961
2024-02-05 21:21:48
cve
cve
CVE-2024-0961
2024-02-05 22:16:06
wordfence
wordfence
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.9%
Related for WPVDB-ID:2C1B3942-5234-4523-99A7-2606E20349B5