CVE-2024-11365 | Securityforce Crypto and DeFi Widgets Plugin up to 1.1.6 on WordPress Shortcode add_query_arg cross site scripting

Posted by Angelo Barbosa | Nov 21, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Securityforce Crypto and DeFi Widgets Plugin up to 1.1.6 on WordPress. This issue affects the function add_query_arg of the component Shortcode Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-11365. The attack may be initiated remotely. There is no exploit available.

CVE-2024-11365 | Securityforce Crypto and DeFi Widgets Plugin up to 1.1.6 on WordPress Shortcode add_query_arg cross site scripting

Related Posts

CVE-2024-22372 | Elecom WRC-X1800GS-B 1.09/1.12/1.17/earlier/earlier Request os command injection

CVE-2023-52225 | Tagbox UGC Galleries, Social Media Widgets, User Reviews & Analytics Plugin deserialization

CVE-2023-28465 | FHIR Core Libraries prior 5.6.106 on CVE package-decompression path traversal (GHSA-9654-pr4f-gh6m)

CVE-2024-21095 | Oracle Primavera P6 Enterprise Project Portfolio Management Remote Code Execution