Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2024-5570
- EPSS 0.26%
- Veröffentlicht 28.06.2024 06:15:06
- Zuletzt bearbeitet 19.05.2025 20:46:21
The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them
- EPSS 0.04%
- Veröffentlicht 26.06.2024 06:15:17
- Zuletzt bearbeitet 19.05.2025 21:02:45
The Simple Photoswipe WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disa...
1