Lucene search
K

5 matches found

Circl
Circl
added 2025/03/14 1:48 a.m.6 views

CVE-2024-3937

creationtimestamp| type| source ---|---|--- 2025-03-14 01:48:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7516...

4.8CVSS4.8AI score0.00332EPSS
Exploits2References1
NVD
NVD
added 2024/05/29 6:18 a.m.21 views

CVE-2024-3937

The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS7.8AI score0.00332EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/05/29 6:0 a.m.21 views

CVE-2024-3937 Playlist for Youtube <= 1.32 - Editor+ Stored XSS

The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00332EPSS
Exploits2References1
CVE
CVE
added 2024/05/29 6:0 a.m.61 views

CVE-2024-3937

The CVE-2024-3937 entry concerns the Playlist for Youtube WordPress plugin (versions = 1.40. The base CVSS in the initial document is MEDIUM (4.8). No exploitation status is stated in the provided materials; remediation guidance is to update to a patched version and follow vendor advisories.

4.8CVSS5.6AI score0.00332EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/05/29 6:0 a.m.32 views

CVE-2024-3937 Playlist for Youtube <= 1.32 - Editor+ Stored XSS

The Playlist for Youtube WordPress plugin through 1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

7.8AI score0.00332EPSS
Exploits2References1
Rows per page
Query Builder