Lucene search
K

5 matches found

Circl
Circl
added 2025/05/20 4:41 p.m.5 views

CVE-2024-10054

creationtimestamp| type| source ---|---|--- 2025-05-20 16:41:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17012...

4.8CVSS4.8AI score0.00266EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:3 p.m.9 views

CVE-2024-10054

The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00266EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/16 11:46 p.m.10 views

WordPress Happyforms plugin < 1.26.3 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Happyforms versions 1.26.3...

4.8CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.9 views

CVE-2024-10054

The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00266EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:6 p.m.34 views

CVE-2024-10054

The CVE-2024-10054 entry concerns the WordPress Happyforms plugin (versions before 1.26.3). Affected component: settings sanitization/escaping in the plugin allows high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting, potentially even when unfiltered_html is disallowed (nota...

4.8CVSS5.7AI score0.00266EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder