Unknown Simple Banner vulnerabilities
3 known vulnerabilities affecting unknown/simple_banner.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2024-12769LOWCVSS 3.5fixed in 3.0.42025-03-25
CVE-2024-12769 [LOW] CWE-79 CVE-2024-12769: The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings,
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
cvelistv5nvd
CVE-2022-0446MEDIUMCVSS 4.8≥ 2.12.0, < 2.12.02022-08-22
CVE-2022-0446 [MEDIUM] CWE-79 CVE-2022-0446: The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its "Simple Banner Text"
The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
cvelistv5nvd
CVE-2021-24574MEDIUMCVSS 4.8≥ 2.10.4, < 2.10.42021-08-23
CVE-2021-24574 [MEDIUM] CWE-79 CVE-2021-24574: The Simple Banner WordPress plugin before 2.10.4 does not sanitise and escape one of its settings, a
The Simple Banner WordPress plugin before 2.10.4 does not sanitise and escape one of its settings, allowing high privilege users such as admin to use Cross-Site Scripting payload even when the unfiltered_html capability is disallowed.
cvelistv5nvd