wpvulndb | Bob Matyas | WPVDB-ID:3D144E1C-A1F4-4C5A-93E2-4296A96D4BA2
History: Jun 12, 2024 - 12:00 a.m.

WPQA < 6.1.1 - Contributor+ Stored XSS

wpscan.com
plugin
slider settings
stored xss
high privilege users
sanitization

AI Score: 5.5
Confidence: High
EPSS: 0
Percentile: 14.2%

Description

The plugin does not sanitise and escape some of its Slider settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.

PoC

The PoC will be displayed on June 26, 2024, to give users the time to update.
