Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/17 9:1 p.m.5 views

CVE-2024-0249

The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...

6.1CVSS6.1AI score0.00265EPSS
Exploits2References1
Circl
Circl
added 2025/05/15 8:33 p.m.9 views

CVE-2024-0249

creationtimestamp| type| source ---|---|--- 2025-05-15 20:33:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16570...

7.1CVSS8.7AI score0.00265EPSS
Exploits2References1
NVD
NVD
added 2025/05/15 8:15 p.m.5 views

CVE-2024-0249

The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...

7.1CVSS0.00265EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:9 p.m.6 views

CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS

The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...

6AI score0.00265EPSS
Exploits2References1
CVE
CVE
added 2025/05/15 8:9 p.m.56 views

CVE-2024-0249

CVE-2024-0249 affects the WordPress plugin Advanced Schedule Posts (versions ≤ 2.1.8). The vulnerability is a Reflected Cross‑Site Scripting (XSS) caused by not sanitising/escaping a parameter before echoing it on the page, which could impact high‑privilege users (e.g., admins). Exploitation stat...

7.1CVSS8.6AI score0.00265EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/01/25 12:0 a.m.7 views

WordPress Advanced Schedule Posts Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Schedule Posts Type Plugin Vulnerable versions = 2.1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0249 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 858b382898f4 Credits Krzysztof...

5.9AI score0.00265EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder