Vulnerability CVE-2024-5575


Published: 2024-07-13

Description:
The Ditty WordPress plugin before 3.1.43 does not sanitise and escape some of its blocks' settings, which could allow high privilege users such as authors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

 References:
https://wpscan.com/vulnerability/65d1abb7-92e9-4cc4-a1d0-84985b484af3/

Copyright 2026, cxsecurity.com

 

Back to Top