4 matches found
CVE-2024-6224
creationtimestamp| type| source ---|---|--- 2024-07-30 09:02:36+00:00| seen| https://t.me/cvedetector/1980...
CVE-2024-6224
The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-6224 Send email only on Reply to My Comment <= 1.0.6 - Stored XSS via CSRF
The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
WordPress Send email only on Reply to My Comment Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Send email only on Reply to My Comment Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6224 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 251d7c486476 Credi...