Vulnerabilities > Soflyy > Breakdance > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-5330 Cross-site Scripting vulnerability in Soflyy Breakdance
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdance_css_file_paths_cache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping.
network
low complexity
soflyy CWE-79
5.4
5.4
2024-08-01 CVE-2024-5331 Missing Authorization vulnerability in Soflyy Breakdance
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 1.7.2.
network
low complexity
soflyy CWE-862
4.3
4.3