CVE-2024-5429 - CERT CVE
ID CVE-2024-5429
Sažetak The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Reference
CVSS
Base: 7.6
Impact: 4.7
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Zadnje važnije ažuriranje 18-10-2024 - 12:53
Objavljeno 17-10-2024 - 06:15