8 matches found
CVE-2024-8728
The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2024-8728
CVE-2024-8728 affects the WordPress plugin Easy Load More (versions ≤ 1.0.3). It enables Reflected Cross-Site Scripting due to insufficient escaping of add_query_arg, allowing unauthenticated attackers to inject scripts when a user is tricked into clicking a link. The provided documents do not sp...
CVE-2024-8728 Easy Load More <= 1.0.3 - Reflected Cross-Site Scripting
The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2024-8728 Easy Load More <= 1.0.3 - Reflected Cross-Site Scripting
The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
WordPress Easy Load More plugin <= 1.0.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Easy Load More versions = 1.0.3...
PT-2024-39207 · WordPress · Easy Load More
Name of the Vulnerable Software and Affected Versions: Easy Load More plugin for WordPress versions up to, and including, 1.0.3 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web scripts in...
WordPress Easy Load More Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Easy Load More Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8728 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 59f09f12d886 Credits vgo0 Required privile...
WordPress plugin Easy Load More 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...