CVE-2024-10057 | RSS Feed Widget Plugin up to 2.9.9 on WordPress Shortcode rfw-youtube-videos cross site scripting

Inserito da Angelo Barbosa | Ott 18, 2024 | CVE

A vulnerability was found in RSS Feed Widget Plugin up to 2.9.9 on WordPress and classified as problematic. This issue affects the function rfw-youtube-videos of the component Shortcode Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-10057. The attack may be initiated remotely. There is no exploit available.

CVE-2024-10057 | RSS Feed Widget Plugin up to 2.9.9 on WordPress Shortcode rfw-youtube-videos cross site scripting

Post correlati

CVE-2024-2375 | WPQA Builder Plugin up to 6.1.0 on WordPress Slider Setting cross site scripting

CVE-2024-32970 | phlex up to 1.9.2/1.10.1 cross site scripting

CVE-2024-3325 | Jaspersoft JasperReport Servers up to 9.0.0 Privilege Escalation

CVE-2024-9254 | Foxit PDF Reader Annotation use after free (ZDI-24-1307)