CVE-2024-12273 – CalculatedRoute Form WordPress Stored Cross-Site Scripting

April 29, 2025

CVE ID : CVE-2024-12273

Published : April 29, 2025, 6:15 a.m. | 40 minutes ago

Description : The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRilasciato Mozilla Firefox 138: tutte le novità del browser open-source

Next Article CVE-2025-46343 – n8n Stored XSS Vulnerability

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Everybody’s gone lintin’

QAQ-QQ-AI-QUEST

OneDrive for Mac will soon give you more flexible storage options

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

CVE-2024-12273 – CalculatedRoute Form WordPress Stored Cross-Site Scripting

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Grafana Alert: Medium-Severity Flaw (CVE-2025-3415) Exposes DingDing API Keys

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!

What is Pen Testing as a Service (PTaaS), and Do You Need it?

CVE-2025-5429 – Juzaweb CMS Remote Improper Access Control Vulnerability

CVE-2025-5050 – FreeFloat FTP Server BELL Command Handler Buffer Overflow Vulnerability

The rising price of Nintendo games makes supporting smaller titles and studios more important than ever — I’ll be voting with my wallet

Distribution Release: Xubuntu 25.04

SpAItial emerges from stealth with $13M Seed for AI-native 3D applications

Universal Design and Global Accessibility Awareness Day (GAAD)

CVE-2024-12273 – CalculatedRoute Form WordPress Stored Cross-Site Scripting

Related Posts