6 matches found
CVE-2024-0249
The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
CVE-2024-0249
creationtimestamp| type| source ---|---|--- 2025-05-15 20:33:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16570...
CVE-2024-0249
The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS
The Advanced Schedule Posts WordPress plugin through 2.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins...
CVE-2024-0249
CVE-2024-0249 affects the WordPress plugin Advanced Schedule Posts (versions ≤ 2.1.8). The vulnerability is a Reflected Cross‑Site Scripting (XSS) caused by not sanitising/escaping a parameter before echoing it on the page, which could impact high‑privilege users (e.g., admins). Exploitation stat...
WordPress Advanced Schedule Posts Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Schedule Posts Type Plugin Vulnerable versions = 2.1.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0249 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 858b382898f4 Credits Krzysztof...