CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24839 – WordPress Structured Content Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2024-24839
02 Feb 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.6.1. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc permite almacenar XSS. Este problema afecta a Structured Con... • https://patchstack.com/database/vulnerability/structured-content/wordpress-structured-content-json-ld-plugin-1-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49820 – WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-49820
05 Dec 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc permite almacenar XSS. Este problema afecta a Structured Con... • https://patchstack.com/database/vulnerability/structured-content/wordpress-structured-content-json-ld-wpsc-plugin-1-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49819 – WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-49819
05 Dec 2023 — Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. Vulnerabilidad de deserialización de datos no confiables en Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc. Este problema afecta el contenido estructurado (JSON-LD) #wpsc: desde n/a hasta 1.5.3. The Structured Content (JSON-LD) #wpsc plugin for WordPress is vulnerable to PHP Object Injection in all... • https://patchstack.com/database/vulnerability/structured-content/wordpress-structured-content-json-ld-wpsc-plugin-1-5-3-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4715 – Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode
https://notcve.org/view.php?id=CVE-2022-4715
28 Dec 2022 — The Structured Content WordPress plugin before 1.5.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. El complemento Structured Content de WordPress anterior a 1.5.1 no valida ni escapa algunos de sus atributos de código corto antes de devolverlos a la página, lo que podría permitir a lo... • https://wpscan.com/vulnerability/4394fe86-4240-4454-b724-81464b04123a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •