admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-53278.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

19 lines
884 B
Markdown
Raw Permalink Blame History

### [CVE-2024-53278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53278)
![](https://img.shields.io/static/v1?label=Product&message=WP%20Admin%20UI%20Customize&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=prior%20to%20ver%201.5.14%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20scripting%20(XSS)&color=brightgreen)
### Description
Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing the admin screen.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/cyb3r-w0lf/nuclei-template-collection
Reference in New Issue View Git Blame Copy Permalink