3 matches found
CVE-2024-3594
creationtimestamp| type| source ---|---|--- 2025-03-20 19:18:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8266...
CVE-2024-3594
The IDonate WordPress plugin through 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress IDonate Plugin < 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software IDonate Type Plugin Vulnerable versions 2.0.0 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3594 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2bce0de5dc2b Credits Laburity Research Team Required...