Lucene search

4 matches found

Circl
added 2024/07/30 9:2 a.m. | 7 views

CVE-2024-6224

creationtimestamp | type | source
---|---|---
2024-07-30 09:02:36+00:00 | seen | https://t.me/cvedetector/1980...

5.9 CVSS | 4.8 AI score | 0.00195 EPSS
Exploits: 1 | References: 1

OSV
added 2024/07/30 6:15 a.m. | 1 views

CVE-2024-6224

The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.9 CVSS | 5.8 AI score | 0.00195 EPSS
Exploits: 1 | References: 1

Vulnrichment
added 2024/07/30 6:0 a.m. | 17 views

CVE-2024-6224 Send email only on Reply to My Comment <= 1.0.6 - Stored XSS via CSRF

The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.9 AI score | 0.00195 EPSS
Exploits: 1 | References: 1

Patchstack
added 2024/07/30 12:0 a.m. | 10 views

WordPress Send email only on Reply to My Comment Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software: Send email only on Reply to My Comment
Type: Plugin
Vulnerable versions: = 1.0.6
Fixed in: N/A
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-6224
Patch priority: Medium
CVSS severity: Medium (7.1)
Developer: Claim ownership
PSID: 251d7c486476
Credi...

5.9 CVSS | 5.7 AI score | 0.00195 EPSS
Exploits: 1 | References: 3 | Affected Software: 1