Musicbox WordPress - Reflected XSS

contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13327 info:...

EUVD-2024-51532

Malicious code in bioql PyPI...

WordPress Musicbox plugin <= 2.0.3 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Musicbox versions = 2.0.3...

CVE-2024-13327

The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13327

The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13327

The CVE covers the Musicbox WordPress plugin (versions 2.0.3 and earlier). A Reflected XSS occurs due to lack of sanitization and escaping of a parameter before it’s output on the page, enabling script execution in the context of high-privilege users (e.g., admins). The Nuclei template confirms t...

CVE-2024-13327 Musicbox <= 2.0.3 - Reflected XSS

The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

PT-2025-2113

Name of the Vulnerable Software and Affected Versions Musicbox WordPress plugin versions 2.0.3 and earlier Description The issue arises from the Musicbox WordPress plugin not sanitizing and escaping a parameter before outputting it back in the page. This leads to a Reflected Cross-Site Scripting...