Lucene search

CVE-2024-6264

🗓️ 02 Jul 2024 11:10:15Reported by WordfenceType

The WordPress Post Meta Data Manager plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Patchstack	WordPress Post Meta Data Manager Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS)	2 Jul 202400:00	–	patchstack
Cvelist	CVE-2024-6264 Post Meta Data Manager <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting	2 Jul 202411:01	–	cvelist
Vulnrichment	CVE-2024-6264 Post Meta Data Manager <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting	2 Jul 202411:01	–	vulnrichment
NVD	CVE-2024-6264	2 Jul 202411:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)	11 Jul 202415:09	–	wordfence

Nvd

Vulners

Node

wpexpertplugins post_meta_data_managerRange<1.3.0wordpress

[
  {
    "vendor": "gandhihitesh9",
    "product": "Post Meta Data Manager",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.2.3",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/post-meta-data-manager/trunk/includes/admin/html/pmdm_wp_display_post_metadata_html.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/9dd6828b-6235-4284-bce6-be23b79ac70e
plugins	www.plugins.trac.wordpress.org/changeset/3109558/
plugins	www.plugins.trac.wordpress.org/browser/post-meta-data-manager/trunk/includes/admin/html/pmdm_wp_display_user_metadata_html.php
plugins	www.plugins.trac.wordpress.org/browser/post-meta-data-manager/trunk/includes/admin/html/pmdm_wp_display_term_metadata_html.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jul 2024 11:15Current

5.6Medium risk

Vulners AI Score5.6

CVSS35.4 - 6.4

EPSS0.00079

SSVC

CWE-79