CVE-2024-11830 – DearFlip for WordPress Stored Cross-Site Scripting Vulnerability

1月 8, 2025
12:16 pm

CVE ID : CVE-2024-11830

Published : Jan. 8, 2025, 11:15 a.m. | 1 hour, 1 minute ago

Description : The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-11830 – DearFlip for WordPress Stored Cross-Site Scripting Vulnerability

Elvescore.io

Recent Posts

CVE-2025-21102 – Dell VxRail Plaintext Storage of a Password Vulnerability

CVE-2024-11423 – WooCommerce Gift Cards Advanced Coupons Unauthorized Data Modification