The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-07-11T06:00:03.516Z
Updated: 2024-08-01T21:11:12.795Z
Reserved: 2024-05-28T19:35:35.507Z
Link: CVE-2024-5444
Vulnrichment
Updated: 2024-08-01T21:11:12.795Z
NVD
Status : Analyzed
Published: 2024-07-11T06:15:02.830
Modified: 2024-07-15T13:41:20.447
Link: CVE-2024-5444
Redhat
No data.