4 matches found
CVE-2024-54406
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moallemi Comments On Feed comments-on-feed allows Reflected XSS.This issue affects Comments On Feed: from n/a through = 1.2.1...
CVE-2024-54406
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moallemi Comments On Feed comments-on-feed allows Reflected XSS.This issue affects Comments On Feed: from n/a through = 1.2.1...
CVE-2024-54406
CVE-2024-54406 is a Reflected XSS in the WordPress plugin Comments On Feed (vulnerable: up to 1.2.1; affected from n/a). Root cause: Improper neutralization of input during web page generation. Impact is described as Cross‑site Scripting with HIGH base risk (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/...
PT-2024-36293 · Unknown · Reza Moallemi Comments On Feed
Name of the Vulnerable Software and Affected Versions: Reza Moallemi Comments On Feed versions 1.2.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This enables attackers to inject...