Unrated severityNVD Advisory· Published Jun 17, 2024· Updated Aug 1, 2024
Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
CVE-2024-3236
Description
The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks.
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/a6c2da28-dc03-4bcc-a6c3-ee55a73861db/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.