Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Smashballoon
Smashballoon custom Twitter Feeds |
|
CPEs | cpe:2.3:a:smashballoon:custom_twitter_feeds:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Smashballoon
Smashballoon custom Twitter Feeds |
|
Metrics |
cvssV3_1
|
Tue, 08 Oct 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts. | |
Title | Custom Twitter Feeds < 2.2.3 - Admin+ Stored XSS | |
References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-10-08T06:00:03.744Z
Updated: 2024-10-09T15:17:17.144Z
Reserved: 2024-09-18T19:23:38.003Z
Link: CVE-2024-8983
Vulnrichment
Updated: 2024-10-09T15:17:11.448Z
NVD
Status : Awaiting Analysis
Published: 2024-10-08T06:15:02.490
Modified: 2024-10-10T12:57:21.987
Link: CVE-2024-8983
Redhat
No data.