CVE-2024-35655

MEDIUM5.9EPSS 0.11%

Published: 7/18/2024Modified: 11/27/2024

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9.

Affected packages (2)

Bitnami/wordpressfrom 0, < 0.7.0
Bitnami/wordpress-multisitefrom 0, < 0.7.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

References (1)

WEBhttps://patchstack.com/database/vulnerability/brave-popup-builder/wordpress-brave-interactive-content-plugin-0-6-8-cross-site-scripting-xss-vulnerability?_s_id=cve