CVE-2024-1106 in Shariff Wrapper Plugin
Tóm tắt
Bởi MITRE • 27/02/2024
The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.