Unrated severityNVD Advisory· Published Nov 6, 2024· Updated Nov 6, 2024
WP ULike < 4.7.5 - Admin+ Stored XSS via Widgets
CVE-2024-7879
Description
The WP ULike WordPress plugin before 4.7.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5ad1c40a-5e13-40b6-8652-c23a1f39abc2/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.