CVE-2024-5090
SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget – CVE-2024-5090 | WordPress Plugin Vulnerability Report
Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 40,018,306 Active Installs: 600,000 Last Updated: June 19, 2024 Patched Versions: 1.62.0 Affected Versions: <= 1.61.1 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.61.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget…