Software
Plum: Spin Wheel & Email Pop-up
Type
Plugin
Vulnerable versions
<= 2.0
Fixed in
N/A
OWASP Top 10
A1: Injection
Classification
Cross Site Scripting (XSS)
CVE
CVE-2024-38744
Patch priority
High
CVSS severity
High (8.3)
Developer
Claim ownership
PSID
688ef82694b8
Credits
Ananda Dhakal (Patchstack)
Required privilege
Unauthenticated
Published
11 July, 2024
Expand full details Have additional information or questions about this entry? Let us know.
We advise to mitigate or resolve the vulnerability immediately.