CVE-2024-6070 in If-So Dynamic Content Personalization PluginИнформация

Сводка

по MITRE • 13.07.2024

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Ответственный

WPScan

Резервировать

17.06.2024

Раскрытие

13.07.2024

Модерация

принято

Вход

VDB-271442

EPSS

0.00374

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!