CVE-2024-1106 in Shariff Wrapper Plugininformação

Sumário

de MITRE • 27/02/2024

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

31/01/2024

Divulgação

27/02/2024

Moderação

aceite

Entrada

VDB-252951

CPE

pronto

EPSS

0.00417

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!