The Top Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-04-15T05:00:04.066Z
Updated: 2024-08-01T18:48:21.539Z
Reserved: 2024-02-20T12:09:43.414Z
Link: CVE-2024-1660
Vulnrichment
Updated: 2024-07-31T15:19:08.651Z
NVD
Status : Awaiting Analysis
Published: 2024-04-15T05:15:14.900
Modified: 2024-11-21T08:51:01.610
Link: CVE-2024-1660
Redhat
No data.