Unrated severityNVD Advisory· Published Jul 13, 2024· Updated Aug 1, 2024
Ditty < 3.1.43 - Author+ Stored XSS
CVE-2024-5575
Description
The Ditty WordPress plugin before 3.1.43 does not sanitise and escape some of its blocks' settings, which could allow high privilege users such as authors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <3.1.43
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/65d1abb7-92e9-4cc4-a1d0-84985b484af3/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.