5 matches found
CVE-2024-5074
The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-5074
The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-5074
The CVE-2024-5074 entry concerns the WordPress WP eMember plugin (versions prior to 10.6.6). The issue is a failure to sanitise/escape a parameter before echoing it, causing a Reflected Cross-Site Scripting vulnerability that could be exploited against high-privilege users (e.g., admins). The Red...
CVE-2024-5074 WP eMember < 10.6.6 - Reflected XSS
The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-5074 WP eMember < 10.6.6 - Reflected XSS
The wp-eMember WordPress plugin before 10.6.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...