CVE-2024-12515

🗓️ 09 Jan 2025 11:11:02Reported by WordfenceType

Vulnerability in Muslim Prayer Time plugin allows Stored Cross-Site Scripting via Masjid ID parameter.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-12515	9 Jan 202511:16	–	circl
CNNVD	WordPress plugin Muslim Prayer Time-Salah/Iqamah 跨站脚本漏洞	9 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-12515 Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting	9 Jan 202511:11	–	cvelist
EUVD	EUVD-2024-50926	3 Oct 202520:07	–	euvd
NVD	CVE-2024-12515	9 Jan 202511:15	–	nvd
Patchstack	WordPress Muslim Prayer Time-Salah/Iqamah plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability	9 Jan 202500:33	–	patchstack
Positive Technologies	PT-2025-1878 · WordPress · Muslim Prayer Time-Salah/Iqamah	9 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-12515	23 May 202509:28	–	redhatcve
Vulnrichment	CVE-2024-12515 Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting	9 Jan 202511:11	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (January 6, 2025 to January 12, 2025)	16 Jan 202516:12	–	wordfence

Vulners

Node

masjidal muslim_prayer_time-salah/iqamahRange≤1.8.11wordpress

[
  {
    "vendor": "masjidal",
    "product": "Muslim Prayer Time-Salah/Iqamah",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "1.8.11",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/9e34b3df-ac18-4409-b8fe-b27c931f3aa3
wordpress	www.wordpress.org/plugins/masjidal/
plugins	www.plugins.trac.wordpress.org/changeset

15 Apr 2026 00:35Current

7.4High risk

Vulners AI Score7.4

CVSS 3.16.4

EPSS0.0036

SSVC

CWE-79