cve/CVE-2024-6498.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 8654f5abb7 Update CVE sources 2024-08-11 18:44

2024-08-11 18:44:53 +00:00

876 B

Raw Permalink Blame History

CVE-2024-6498

Description

The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

POC

Reference

https://wpscan.com/vulnerability/eed58889-4be8-48df-9ef6-269df451e79e/

Github

https://github.com/20142995/nuclei-templates

876 B Raw Permalink Blame History Unescape Escape

CVE-2024-6498

Description

POC

Reference

Github

876 B

Raw Permalink Blame History