Permalink
CVE-2024-47356
5.1 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): HIGH
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Create theme <= 2.9.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Create allows Stored XSS.This issue affects Create: from n/a through 2.9.1.
References
Affected products
create
- =<2.9.1
Matching in nixpkgs
pkgs.create-dmg
Shell script to build fancy DMGs
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.createrepo_c
C implementation of createrepo
-
nixos-unstable -
- nixpkgs-unstable 1.2.1
pkgs.create-cycle-app
Create Cycle.js with no build configuration
-
nixos-unstable -
- nixpkgs-unstable 5.0.0
pkgs.x-create-mouse-void
Creates an undecorated black window and prevents the mouse from entering that window
-
nixos-unstable -
- nixpkgs-unstable 0.1
pkgs.arduino-create-agent
Agent to upload code to any USB connected Arduino board directly from the browser
-
nixos-unstable -
- nixpkgs-unstable 1.7.0
pkgs.darwin.linux-builder
None
pkgs.elmPackages.create-elm-app
Create Elm apps with no build configuration
-
nixos-unstable -
- nixpkgs-unstable 5.22.0
pkgs.darwin.linux-builder-x86_64
None
pkgs.nodePackages.create-cycle-app
Create Cycle.js with no build configuration
-
nixos-unstable -
- nixpkgs-unstable 5.0.0
pkgs.haskellPackages.openssl-createkey
Create OpenSSL keypairs
-
nixos-unstable -
- nixpkgs-unstable 0.1
pkgs.nodePackages_latest.create-cycle-app
Create Cycle.js with no build configuration
-
nixos-unstable -
- nixpkgs-unstable 5.0.0
Package maintainers
-
@kilimnik Daniel Kilimnik <mail@kilimnik.de>
-
@heywoodlh Spencer Heywood <nixpkgs@heywoodlh.io>
-
@turboMaCk Marek Fajkus <marek.faj@gmail.com>
-
@eigengrau Sebastian Reuße <seb@schattenkopie.de>