{"id":"BIT-wordpress-multisite-2024-35655","details":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9.","aliases":["BIT-wordpress-2024-35655","CVE-2024-35655"],"modified":"2024-11-27T19:40:48.342Z","published":"2024-07-18T07:41:07.168Z","database_specific":{"severity":"Medium","cpes":["cpe:2.3:a:getbrave:brave:*:*:*:*:wordpress:wordpress:*:*"]},"references":[{"type":"WEB","url":"https://patchstack.com/database/vulnerability/brave-popup-builder/wordpress-brave-interactive-content-plugin-0-6-8-cross-site-scripting-xss-vulnerability?_s_id=cve"}],"affected":[{"package":{"name":"wordpress-multisite","ecosystem":"Bitnami","purl":"pkg:bitnami/wordpress-multisite"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.7.0"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/wordpress-multisite/BIT-wordpress-multisite-2024-35655.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"}]}],"schema_version":"1.7.3"}