CVE-2024-5628 | Avada Plugin up to 3.11.9 on WordPress Shortcode fusion_button cross site scripting

Posted by Angelo Barbosa | Sep 12, 2024 | CVE

A vulnerability has been found in Avada Plugin up to 3.11.9 on WordPress and classified as problematic. Affected by this vulnerability is the function fusion_button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-5628. The attack can be launched remotely. There is no exploit available.

CVE-2024-5628 | Avada Plugin up to 3.11.9 on WordPress Shortcode fusion_button cross site scripting

Related Posts

CVE-2024-22956 | SWFTools 0.9.2 swftools/src/swfc.c removeFromTo use after free (Issue 208)

CVE-2024-8005 | demozx gf_cms 1.0/1.0.1 JWT Authentication auth.go init hard-coded credentials

CVE-2024-3264 | Mia Technology Mia-Med Health Aplication up to 1.0.13 risky encryption

CVE-2024-39926 | Bitwarden Vaultwarden 1.30.3 Content Security Policy cross site scripting