cve/CVE-2024-7133.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

Description

The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any WordPress plugin before 2.7.3 does not validate and escape some of its settings before outputting them back in the page, which could allow users with a high role to perform Stored Cross-Site Scripting attacks.

POC

Reference

https://wpscan.com/vulnerability/c81c1622-33d1-41f2-ba63-f06bd4c125ab/

Github

No PoCs found on GitHub currently.

984 B Raw Blame History

CVE-2024-7133

Description

POC

Reference

Github

984 B

Raw Blame History