CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1660

The Top Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.1%

CVSS Severity

CVSS v3 Score 4.8

References

Products affected by CVE-2024-1660

Wpdarko » Top Bar » Version: 1.0

cpe:2.3:a:wpdarko:top_bar:1.0
Wpdarko » Top Bar » Version: 1.1

cpe:2.3:a:wpdarko:top_bar:1.1
Wpdarko » Top Bar » Version: 1.2

cpe:2.3:a:wpdarko:top_bar:1.2
Wpdarko » Top Bar » Version: 2.0

cpe:2.3:a:wpdarko:top_bar:2.0
Wpdarko » Top Bar » Version: 3.0

cpe:2.3:a:wpdarko:top_bar:3.0
Wpdarko » Top Bar » Version: 3.0.2

cpe:2.3:a:wpdarko:top_bar:3.0.2
Wpdarko » Top Bar » Version: 3.0.3

cpe:2.3:a:wpdarko:top_bar:3.0.3
Wpdarko » Top Bar » Version: 3.0.4

cpe:2.3:a:wpdarko:top_bar:3.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1660

Products

Pricing

Contact Us