Vulnerabilities > Mediavine > Create > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-21 | CVE-2024-37495 | Unspecified vulnerability in Mediavine Create Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7. | 5.4 |
| 2024-06-27 | CVE-2024-5601 | Cross-site Scripting vulnerability in Mediavine Create The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |