{"cve":{"cve_id":"CVE-2024-10896","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.0037,"epss_percentile":0.28741,"epss_as_of":"2026-06-23","description":"The Logo Slider  WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting","published_at":"2024-11-28T06:00:12.112000Z","last_modified_at":null,"cvss_v3_score":5.4,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"poc","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-78"],"nvd_references":["https://wpscan.com/vulnerability/1304c2b6-922d-455e-bae8-d6bf855eddd9/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:48:07.179537Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"unknown","vendor_name":"Unknown","product_slug":"logo-slider","product_name":"Logo Slider","version_start":"0","version_start_inclusive":true,"version_end":"4.5.0","version_end_inclusive":false,"cpe23_uri":"cve5:unknown:logo-slider:0:4.5.0"}],"exploit_refs":[],"news":[],"references":[{"url":"https://wpscan.com/vulnerability/1304c2b6-922d-455e-bae8-d6bf855eddd9/","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-11-28T06:00:12.112000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:32:24.192476Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:24.192476Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:24.192476Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:48:07.179537Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:48:07.179537Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:48:07.179537Z","label":"SSVC decision revised","source":"vulnrichment"}]}