Vulnerabilities > Paulrosen
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-25 | CVE-2024-13550 | Path Traversal vulnerability in Paulrosen ABC Notation The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.1.3 via the 'file' attribute of the 'abcjs' shortcode. | 6.5 |
| 2025-01-25 | CVE-2024-13551 | Cross-site Scripting vulnerability in Paulrosen ABC Notation The ABC Notation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'abcjs' shortcode in all versions up to, and including, 6.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |