Unrated severityNVD Advisory· Published Apr 15, 2024· Updated Mar 14, 2025
Responsive Tabs < 4.0.7 - Contributor+ Stored XSS
CVE-2024-1846
Description
The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <4.0.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ea2a8420-4b0e-4efb-a0c6-ceea996dae5a/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.