Vulnerabilities > Magazine3 > Schema Structured Data FOR WP AMP > 1.26

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-17	CVE-2024-5582	Cross-site Scripting vulnerability in Magazine3 Schema & Structured Data for WP & AMP The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity magazine3 CWE-79	5.4
2024-02-29	CVE-2024-1586	Unspecified vulnerability in Magazine3 Schema & Structured Data for WP & AMP The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. network low complexity magazine3	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.