Lucene search
K

4 matches found

OSV
OSV
added 2024/06/14 6:15 a.m.3 views

CVE-2024-3966

The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...

6.1CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/14 6:0 a.m.19 views

CVE-2024-3966 Pray For Me <= 1.0.4 - Unauthenticated Stored XSS

The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...

6.2AI score0.00323EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/14 6:0 a.m.25 views

CVE-2024-3966 Pray For Me <= 1.0.4 - Unauthenticated Stored XSS

The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin...

0.00323EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/05/24 12:0 a.m.8 views

WordPress Pray For Me Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Pray For Me Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3966 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8808391bdd41 Credits Bob Matyas Required privilege...

6.1CVSS5.7AI score0.00323EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder