Vulnerabilities > Shafayat > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-21 CVE-2024-11385 Cross-site Scripting vulnerability in Shafayat Pure CSS Circle Progress BAR
The Pure CSS Circle Progress bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'circle_progress' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
shafayat CWE-79
5.4