cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11453,https://securityvulnerability.io/vulnerability/CVE-2024-11453,Stored Cross-Site Scripting Vulnerability in WordPress Pinterest Plugin,"The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gs_pin_widget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"WordPress Pinterest Plugin – Make A Popup, User Profile, Masonry And Gallery Layout",6.4,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-12-03T07:34:54.323Z,0