3 matches found
CVE-2024-1519
creationtimestamp| type| source ---|---|--- 2024-03-08 14:51:25+00:00| seen| https://t.me/ctinow/203351...
CVE-2024-1519
CVE-2024-1519 affects the WordPress ProfilePress/Payed Membership Plugin (ProfilePress) up to version 4.14.4. The root cause is stored cross-site scripting via the name parameter due to insufficient input sanitization and output escaping. Exploitation requires an active member listing page using ...
WordPress ProfilePress Plugin <= 4.14.4 is vulnerable to Cross Site Scripting (XSS)
Software ProfilePress Type Plugin Vulnerable versions = 4.14.4 Fixed in 4.15.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1519 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID abd5fc026e9d Credits stealthcopter...