CVE-2024-11830

by Fred · 08/01/2025

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

More information : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3215546%403d-flipbook-dflip-lite&new=3215546%403d-flipbook-dflip-lite&sfp_email=&sfph_mail=

CVE-2024-11830

Similar

Recent Posts

Categories

CVE-2024-11830

Share this:

Similar

Recent Posts

Categories

Tags