Lucene search

CVE-2024-4860

🗓️ 14 May 2024 09:39:11Reported by tenableType

WordPress RSS Aggregator Plugin XSS vulnerability in versions < 4.23.9 due to unsanitized 'notice_id' paramete

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
WPVulnDB	RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging < 4.23.9 - Reflected Cross-Site Scripting	16 May 202400:00	–	wpvulndb
CVE	CVE-2024-4860	14 May 202416:17	–	cve
NVD	CVE-2024-4860	14 May 202416:17	–	nvd
Vulnrichment	CVE-2024-4860	14 May 202409:11	–	vulnrichment
OSV	CVE-2024-4860	14 May 202416:17	–	osv
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)	23 May 202415:00	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins/",
    "defaultStatus": "unaffected",
    "packageName": "wp-rss-aggregator",
    "versions": [
      {
        "lessThan": "4.23.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tenable	www.tenable.com/security/research/tra-2024-16

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2024 09:11Current

6Medium risk

Vulners AI Score6

CVSS35.4

EPSS0.00024

CWE-79