Unrated severityNVD Advisory· Published Sep 30, 2024· Updated Oct 1, 2024
Starbox < 3.5.3 - Contributor+ Stored XSS
CVE-2024-8239
Description
The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, which may be abused by users with at least the contributor role to conduct Stored XSS attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/02796da0-218d-4cbb-98ca-49eeea83cac5/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.