Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/02/28 6:25 a.m.7 views

CVE-2024-13678

The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00354EPSS
Exploits1References1
NVD
NVD
added 2025/02/26 1:15 p.m.9 views

CVE-2024-13678

The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS0.00354EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/26 6:0 a.m.7 views

CVE-2024-13678 R3W Instafeed <= 1.0 - Reflected XSS

The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1AI score0.00354EPSS
Exploits1References1
CVE
CVE
added 2025/02/26 6:0 a.m.61 views

CVE-2024-13678

CVE-2024-13678 affects the R3W InstaFeed WordPress plugin (≤1.0). The vulnerability is a reflected cross-site scripting due to insufficient sanitization/escaping of a parameter before output, which could be exploited against high-privilege users (e.g., admins). Technical details indicate a networ...

6.1CVSS6.4AI score0.00354EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/02/26 6:0 a.m.24 views

CVE-2024-13678 R3W Instafeed <= 1.0 - Reflected XSS

The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00354EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.3 views

WordPress plugin R3W InstaFeed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS8.9AI score0.00354EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.9 views

PT-2025-8683 · WordPress · R3W Instafeed

Name of the Vulnerable Software and Affected Versions: R3W InstaFeed WordPress plugin version 1.0 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page. This could ...

6.1CVSS8.7AI score0.00354EPSS
Exploits1References3
Patchstack
Patchstack
added 2025/02/12 9:57 p.m.4 views

WordPress R3W InstaFeed plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin R3W InstaFeed versions = 1.0...

6.1CVSS6.4AI score0.00354EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder