CVE-2024-31111
CVSS V2 None
CVSS V3 None
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9.
Overview
- CVE ID
- CVE-2024-31111
- Assigner
- Patchstack
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-25T12:54:47.977Z
- Last Modified Date
- 2024-06-25T13:49:38.980Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-5-5-cross-site-scripting-xss-via-template-part-vulnerability?_s_id=cve | vdb-entry |
| https://wordpress.org/news/2024/06/wordpress-6-5-5/ | release-notes |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-31111 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31111 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 19:19:33 | Added to TrackCVE |