Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2024-2436
- EPSS 0.17%
- Veröffentlicht 09.04.2024 19:15:33
- Zuletzt bearbeitet 05.02.2025 18:36:33
The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.5.16 due to insufficient input sanitization and output escaping on user supplied attribu...
5.4
CVE-2023-0373
- EPSS 0.3%
- Veröffentlicht 13.02.2023 15:15:22
- Zuletzt bearbeitet 21.03.2025 17:15:37
The Lightweight Accordion WordPress plugin before 1.5.15 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perfor...
1