Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2024-54317
- EPSS 0.03%
- Published 13.12.2024 15:15:38
- Last modified 13.12.2024 15:15:38
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Google Web Stories allows Stored XSS.This issue affects Web Stories: from n/a through 1.37.0.
6.5
CVE-2023-1979
- EPSS 0.44%
- Published 08.05.2023 17:15:11
- Last modified 21.11.2024 07:40:16
The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role ...
8.1
CVE-2022-3708
- EPSS 0.23%
- Published 28.10.2022 19:15:10
- Last modified 05.05.2025 13:15:46
The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including 1.24.0 due to insufficient validation of URLs supplied via the 'url' parameter found via the /v1/hotlink/proxy REST API Endpoint. This ...
1