Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:27 a.m.3 views

CVE-2024-5744

The wp-eMember WordPress plugin before 10.6.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.8CVSS6.3AI score0.0043EPSS
Exploits1References1
NVD
NVD
added 2024/07/13 6:15 a.m.19 views

CVE-2024-5744

The wp-eMember WordPress plugin before 10.6.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.8CVSS0.0043EPSS
Exploits1References1
OSV
OSV
added 2024/07/13 6:15 a.m.3 views

CVE-2024-5744

The wp-eMember WordPress plugin before 10.6.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.8CVSS5.8AI score0.0043EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/13 6:0 a.m.12 views

CVE-2024-5744 WP eMember < 10.6.7 - Reflected XSS

The wp-eMember WordPress plugin before 10.6.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.2AI score0.0043EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/13 6:0 a.m.24 views

CVE-2024-5744 WP eMember < 10.6.7 - Reflected XSS

The wp-eMember WordPress plugin before 10.6.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.0043EPSS
Exploits1References1
CVE
CVE
added 2024/07/13 6:0 a.m.56 views

CVE-2024-5744

CVE-2024-5744 affects the WordPress plugin WP eMember prior to version 10.6.7, where $_SERVER['REQUEST_URI'] is not escaped before echoing into an attribute, enabling Reflected XSS in older browsers. Public data from NVD/Red Hat Patch notes confirms the issue and indicates a fix in version 10.6.7...

6.8CVSS6.8AI score0.0043EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder