How severe is CVE-2024-4419?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2024-4419?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2024-4419 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

The Fetch JFT plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Related Vulnerabilities

CVE-2016-0667

MEDIUM

CVSS:4.4(Medium)

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.

NVD-CWE-Other2016

CVE-2016-0674

MEDIUM

CVSS:4.4(Medium)

Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email.

NVD-CWE-Other2016

CVE-2016-3480

MEDIUM

CVSS:4.4(Medium)

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql.

NVD-CWE-Other2016

CVE-2016-3488

MEDIUM

CVSS:4.4(Medium)

Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.

NVD-CWE-Other2016

CVE-2016-5584

MEDIUM

CVSS:4.4(Medium)

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security:...

NVD-CWE-Other2016

CVE-2016-7155

MEDIUM

CVSS:4.4(Medium)

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page c...

NVD-CWE-Other2016