Lucene search
PatchstackCVELIST:CVE-2024-29820HistoryMar 27, 2024 - 6:54 a.m.
CVE-2024-29820 WordPress PDF Builder for WPForms plugin <= 1.2.88 - Cross Site Scripting (XSS) vulnerability
2024-03-2706:54:37
CWE-79
Patchstack
www.cve.org
3
cross site scripting
wordpress
vulnerability
pdf builder
rednao
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.0%
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in RedNao PDF Builder for WPForms allows Stored XSS.This issue affects PDF Builder for WPForms: from n/a through 1.2.88.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "pdf-builder-for-wpforms",
"product": "PDF Builder for WPForms",
"vendor": "RedNao",
"versions": [
{
"changes": [
{
"at": "1.2.89",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.88",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
nvd
nvd
CVE-2024-29820
2024-03-27 07:15:49
vulnrichment
vulnrichment
cve
cve
CVE-2024-29820
2024-03-27 07:15:49
wordfence
wordfence
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-29820