CVE-2024-3559 | Custom Field Suite Plugin up to 2.6.7 on WordPress cfs[post_content] cross site scripting

Posted by Angelo Barbosa | Jun 11, 2024 | CVE

A vulnerability classified as problematic has been found in Custom Field Suite Plugin up to 2.6.7 on WordPress. Affected is an unknown function. The manipulation of the argument cfs[post_content] leads to cross site scripting.

This vulnerability is traded as CVE-2024-3559. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-3559 | Custom Field Suite Plugin up to 2.6.7 on WordPress cfs[post_content] cross site scripting

Related Posts

CVE-2024-37115 | Automattic Newspack Blocks Plugin up to 3.0.8 on WordPress information disclosure

CVE-2024-23842 | Hitron DVR LGUVR-16H up to 4.02 default credentials

CVE-2024-34815 | Codection Import and Export Users and Customers Plugin up to 1.26.5 on WordPress authorization

CVE-2024-38782 | MapsMarker Leaflet Maps Marker Plugin up to 3.12.9 on WordPress cross site scripting