Lucene search
PatchstackCVE-2024-24841HistoryFeb 05, 2024 - 7:15 a.m.
CVE-2024-24841
2024-02-0507:15:11
CWE-79
Patchstack
web.nvd.nist.gov
18
cve-2024-24841
improper neutralization of input
cross-site scripting
dan's art
woocommerce
nvd
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
6
Confidence
High
EPSS
0
Percentile
14.0%
Improper Neutralization of Input During Web Page Generation (βCross-site Scriptingβ) vulnerability in Danβs Art Add Customer for WooCommerce allows Stored XSS.This issue affects Add Customer for WooCommerce: from n/a through 1.7.
Affected configurations
Node
dev.dans-artadd_customer_for_woocommerceRangeβ€1.7wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dev.dans-art | add_customer_for_woocommerce | * | cpe:2.3:a:dev.dans-art:add_customer_for_woocommerce:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "add-customer-for-woocommerce",
"product": "Add Customer for WooCommerce",
"vendor": "Dan's Art",
"versions": [
{
"changes": [
{
"at": "1.7.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2024-02-05 07:15:00
wpvulndb
wpvulndb
nvd
nvd
CVE-2024-24841
2024-02-05 07:15:11
cvelist
cvelist
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
AI Score
6
Confidence
High
EPSS
0
Percentile
14.0%
Related for CVE-2024-24841