CVE-2024-5575
13.07.2024, 06:15
The Ditty WordPress plugin before 3.1.43 does not sanitise and escape some of its blocks' settings, which could allow high privilege users such as authors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Vendor | Product | Version |
---|---|---|
metaphorcreations | ditty | 𝑥 < 3.1.43 |
𝑥
= Vulnerable software versions