21 matches found
CVE-2026-24717
creationtimestamp| type| source ---|---|--- 2026-06-10 05:06:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnvwulzguo2h...
CVE-2026-24717
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
CVE-2024-24717
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.23...
CVE-2022-24717
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2025-24717
creationtimestamp| type| source ---|---|--- 2025-01-24 22:17:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113885644697092039 2026-04-01 21:27:46+00:00| seen| Telegram/6pWYOEQZc-mjToyXO9lZDoBdn-DmyFZx-GtyY7rNYjl72I...
CVE-2025-24717
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Modal Window modal-window allows Cross Site Request Forgery.This issue affects Modal Window: from n/a through = 6.1.4...
CVE-2025-24717 WordPress Modal Window Plugin <= 6.1.4 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Modal Window allows Cross Site Request Forgery. This issue affects Modal Window: from n/a through 6.1.4...
CVE-2025-24717 WordPress Modal Window Plugin <= 6.1.4 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Modal Window modal-window allows Cross Site Request Forgery.This issue affects Modal Window: from n/a through = 6.1.4...
CVE-2025-24717
CVE-2025-24717 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin Modal Window (Wow-Company) that allows CSRF to settings changes. Affected range is variants “Modal Window” up to version 6.1.4 . Public sources (NVD, CVE records, Patchstack, Red Hat) consistently cite CSRF as th...
CVE-2024-24717
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.23...
CVE-2024-24717 WordPress Beds24 Online Booking Plugin <= 2.0.23 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.23...
CVE-2024-24717 WordPress Beds24 Online Booking Plugin <= 2.0.23 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.23...
CVE-2024-24717
CVE-2024-24717 affects Beds24 Online Booking WordPress plugin versions
WordPress Beds24 Online Booking Plugin <= 2.0.23 is vulnerable to Cross Site Scripting (XSS)
Software Beds24 Online Booking Type Plugin Vulnerable versions = 2.0.23 Fixed in 2.0.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24717 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 22275ad0d853 Credits Dhabaleshwar Das Required...
CVE-2022-24717
creationtimestamp| type| source ---|---|--- 2022-03-01 22:23:38+00:00| seen| https://t.me/cibsecurity/38278 2025-04-23 19:05:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13115...
feling87-nodejs-libs (>=0.0.1 <=0.0.3) potentially affected by CVE-2022-24717 via @finastra/ssr-pages (=0.1.3)
@finastra/ssr-pages NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @finastra/ssr-pages and may be impacted: - feling87-nodejs-libs =0.0.1, =0.0.3 Source cves: CVE-2022-24717 Source advisory: OSV:GHSA-7F63-H6G3-7CWM...
CVE-2022-24717
CVE-2022-24717 affects ssr-pages (HTML SSR tool). The vulnerability is a Cross-Site Scripting (XSS) issue triggered by untrusted input passed to redirect.link in the build(MessagePageOptions) function, in versions prior to 0.1.5. A patch exists in version 0.1.5. Connected documents confirm the is...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2021-24717
The CVE-2021-24717 entry concerns the AutomatorWP WordPress plugin pre-1.7.6, where missing authorization checks allow Subscriber-role users to enumerate automations, disclose private post titles or user emails, call functions, or perform privilege escalation via Ajax actions. Root cause: lack of...