CVE-2024-9236 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store…
Medium CVSS: 4.8

CVE-2024-9236

The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Vendor
Radiustheme
Product
Team - Wordpress Team Members Showcase
CWE
CWE-79
Yayın Tarihi
2025-05-15 20:16:00
Güncelleme
2025-06-12 16:43:19
Source Identifier
contact@wpscan.com
KEV Date Added
-

Kategoriler

CWE-79 Team - Wordpress Team Members Showcase MEDIUM Radiustheme 2025

Referanslar

https://wpscan.com/vulnerability/fd06ba56-37dd-4c23-ae7c-ab8de40d1645/