CVE-2024-56299 – WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability

https://notcve.org/view.php?id=CVE-2024-56299

03 Jan 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pektsekye Notify Odoo allows Stored XSS.This issue affects Notify Odoo: from n/a through 1.0.0. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Pektsekye Notify Odoo permite XSS almacenado. Este problema afecta a Notify Odoo: desde n/a hasta 1.0.0. The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in... • https://patchstack.com/database/wordpress/plugin/notify-odoo/vulnerability/wordpress-notify-odoo-plugin-1-0-0-csrf-to-stored-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •