Lucene search

K
cvelistWPScanCVELIST:CVE-2024-3918
HistoryMay 23, 2024 - 6:00 a.m.

CVE-2024-3918 Pet Manager <= 1.4 - Contributor+ Stored XSS

2024-05-2306:00:03
WPScan
www.cve.org
cve-2024-3918
pet manager
wordpress
stored xss
cross-site scripting

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

The Pet Manager WordPress plugin through 1.4 does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Pet Manager",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.4"
      }
    ],
    "defaultStatus": "affected"
  }
]

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVELIST:CVE-2024-3918