4 matches found
CVE-2024-3966
The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...
CVE-2024-3966 Pray For Me <= 1.0.4 - Unauthenticated Stored XSS
The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...
CVE-2024-3966 Pray For Me <= 1.0.4 - Unauthenticated Stored XSS
The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...
WordPress Pray For Me Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Pray For Me Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3966 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8808391bdd41 Credits Bob Matyas Required privilege...