Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Redux Framework by davidanderson

    CVE-2025-9488 (GCVE-0-2025-9488)

    Vulnerability from nvd – Published: 2025-12-13 04:31 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter
    Summary
    The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data’ parameter in all versions up to, and including, 4.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    davidanderson Redux Framework Affected: 0 , ≤ 4.5.8 (semver)
    Create a notification for this product.
    Credits
    Muhammad Yudha - DJ
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:43:04.148093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:46:53.451Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Redux Framework",
              "vendor": "davidanderson",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Yudha - DJ"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018data\u2019 parameter in all versions up to, and including, 4.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:21.320Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cabf776d-8749-45a8-94c1-7d1eef93a183?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.5.7/redux-core/inc/extensions/shortcodes/class-redux-shortcodes.php#L205"
            },
            {
              "url": "https://wordpress.org/plugins/redux-framework/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3402803%40redux-framework\u0026new=3402803%40redux-framework\u0026sfp_email=\u0026sfph_mail=#file22"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-11-19T16:55:59.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2025-12-12T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Redux Framework \u003c= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-9488",
        "datePublished": "2025-12-13T04:31:33.327Z",
        "dateReserved": "2025-08-26T12:49:36.739Z",
        "dateUpdated": "2026-04-08T17:23:21.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6828 (GCVE-0-2024-6828)

    Vulnerability from nvd – Published: 2024-07-23 02:01 – Updated: 2024-08-01 21:45
    VLAI
    Title
    Redux Framework 4.4.12 - 4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting
    Summary
    The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due to missing authorization and capability checks on the Redux_Color_Scheme_Import function in versions 4.4.12 to 4.4.17. This makes it possible for unauthenticated attackers to upload JSON files, which can be used to conduct stored cross-site scripting attacks and, in some rare cases, when the wp_filesystem fails to initialize - to Remote Code Execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    davidanderson Redux Framework Affected: 4.4.12 , ≤ 4.4.17 (semver)
    Create a notification for this product.
    redux gutenberg_template_library_\&_redux_framework Affected: 4.4.12 , ≤ 4.4.17 (semver)
        cpe:2.3:a:redux:gutenberg_template_library_\&_redux_framework:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Villu Orav
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:redux:gutenberg_template_library_\\\u0026_redux_framework:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gutenberg_template_library_\\\u0026_redux_framework",
                "vendor": "redux",
                "versions": [
                  {
                    "lessThanOrEqual": "4.4.17",
                    "status": "affected",
                    "version": "4.4.12",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6828",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-23T13:09:13.887309Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-25T15:52:36.382Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:45:38.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18a37063-31aa-4b1f-b1a5-1ea921a20686?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-includes/class-wp-theme-json.php#L1690"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/extensions/color_scheme/color_scheme/class-redux-color-scheme-import.php#L75"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-helpers.php#L938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/fields/typography/redux-typography.js#L646"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/trunk/redux-core/inc/classes/class-redux-filesystem.php#L166"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-filesystem.php#L614"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Redux Framework",
              "vendor": "davidanderson",
              "versions": [
                {
                  "lessThanOrEqual": "4.4.17",
                  "status": "affected",
                  "version": "4.4.12",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Villu Orav"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due to missing authorization and capability checks on the Redux_Color_Scheme_Import function in versions 4.4.12 to 4.4.17. This makes it possible for unauthenticated attackers to upload JSON files, which can be used to conduct stored cross-site scripting attacks and, in some rare cases, when the wp_filesystem fails to initialize - to Remote Code Execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-23T02:01:39.248Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18a37063-31aa-4b1f-b1a5-1ea921a20686?source=cve"
            },
            {
              "url": "https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-includes/class-wp-theme-json.php#L1690"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/extensions/color_scheme/color_scheme/class-redux-color-scheme-import.php#L75"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-helpers.php#L938"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/fields/typography/redux-typography.js#L646"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/trunk/redux-core/inc/classes/class-redux-filesystem.php#L166"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-filesystem.php#L614"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-11T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2024-07-22T12:05:44.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Redux Framework 4.4.12 -  4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6828",
        "datePublished": "2024-07-23T02:01:39.248Z",
        "dateReserved": "2024-07-16T23:35:55.802Z",
        "dateUpdated": "2024-08-01T21:45:38.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9488 (GCVE-0-2025-9488)

    Vulnerability from cvelistv5 – Published: 2025-12-13 04:31 – Updated: 2026-04-08 17:23
    VLAI
    Title
    Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter
    Summary
    The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data’ parameter in all versions up to, and including, 4.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    davidanderson Redux Framework Affected: 0 , ≤ 4.5.8 (semver)
    Create a notification for this product.
    Credits
    Muhammad Yudha - DJ
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:43:04.148093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:46:53.451Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Redux Framework",
              "vendor": "davidanderson",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Muhammad Yudha - DJ"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018data\u2019 parameter in all versions up to, and including, 4.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:23:21.320Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cabf776d-8749-45a8-94c1-7d1eef93a183?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.5.7/redux-core/inc/extensions/shortcodes/class-redux-shortcodes.php#L205"
            },
            {
              "url": "https://wordpress.org/plugins/redux-framework/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3402803%40redux-framework\u0026new=3402803%40redux-framework\u0026sfp_email=\u0026sfph_mail=#file22"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-11-19T16:55:59.000Z",
              "value": "Vendor Notified"
            },
            {
              "lang": "en",
              "time": "2025-12-12T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Redux Framework \u003c= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-9488",
        "datePublished": "2025-12-13T04:31:33.327Z",
        "dateReserved": "2025-08-26T12:49:36.739Z",
        "dateUpdated": "2026-04-08T17:23:21.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-6828 (GCVE-0-2024-6828)

    Vulnerability from cvelistv5 – Published: 2024-07-23 02:01 – Updated: 2024-08-01 21:45
    VLAI
    Title
    Redux Framework 4.4.12 - 4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting
    Summary
    The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due to missing authorization and capability checks on the Redux_Color_Scheme_Import function in versions 4.4.12 to 4.4.17. This makes it possible for unauthenticated attackers to upload JSON files, which can be used to conduct stored cross-site scripting attacks and, in some rare cases, when the wp_filesystem fails to initialize - to Remote Code Execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    davidanderson Redux Framework Affected: 4.4.12 , ≤ 4.4.17 (semver)
    Create a notification for this product.
    redux gutenberg_template_library_\&_redux_framework Affected: 4.4.12 , ≤ 4.4.17 (semver)
        cpe:2.3:a:redux:gutenberg_template_library_\&_redux_framework:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Villu Orav
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:redux:gutenberg_template_library_\\\u0026_redux_framework:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gutenberg_template_library_\\\u0026_redux_framework",
                "vendor": "redux",
                "versions": [
                  {
                    "lessThanOrEqual": "4.4.17",
                    "status": "affected",
                    "version": "4.4.12",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6828",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-23T13:09:13.887309Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-25T15:52:36.382Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:45:38.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18a37063-31aa-4b1f-b1a5-1ea921a20686?source=cve"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-includes/class-wp-theme-json.php#L1690"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/extensions/color_scheme/color_scheme/class-redux-color-scheme-import.php#L75"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-helpers.php#L938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/fields/typography/redux-typography.js#L646"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/trunk/redux-core/inc/classes/class-redux-filesystem.php#L166"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-filesystem.php#L614"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Redux Framework",
              "vendor": "davidanderson",
              "versions": [
                {
                  "lessThanOrEqual": "4.4.17",
                  "status": "affected",
                  "version": "4.4.12",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Villu Orav"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due to missing authorization and capability checks on the Redux_Color_Scheme_Import function in versions 4.4.12 to 4.4.17. This makes it possible for unauthenticated attackers to upload JSON files, which can be used to conduct stored cross-site scripting attacks and, in some rare cases, when the wp_filesystem fails to initialize - to Remote Code Execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-434",
                  "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-23T02:01:39.248Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18a37063-31aa-4b1f-b1a5-1ea921a20686?source=cve"
            },
            {
              "url": "https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-includes/class-wp-theme-json.php#L1690"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/extensions/color_scheme/color_scheme/class-redux-color-scheme-import.php#L75"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-helpers.php#L938"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/fields/typography/redux-typography.js#L646"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/trunk/redux-core/inc/classes/class-redux-filesystem.php#L166"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/redux-framework/tags/4.4.17/redux-core/inc/classes/class-redux-filesystem.php#L614"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-11T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2024-07-22T12:05:44.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Redux Framework 4.4.12 -  4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-6828",
        "datePublished": "2024-07-23T02:01:39.248Z",
        "dateReserved": "2024-07-16T23:35:55.802Z",
        "dateUpdated": "2024-08-01T21:45:38.314Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }