Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.4 views

CVE-2024-11758

The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2025/01/11 8:15 a.m.7 views

CVE-2024-11758

The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

6.4CVSS0.00325EPSS
Exploits0References3
CVE
CVE
added 2025/01/11 7:21 a.m.40 views

CVE-2024-11758

The CVE-2024-11758 entry affects the WP SPID Italia WordPress plugin. Impact: Stored Cross-Site Scripting via the plugin shortcode allows an authenticated attacker (contributor level or higher) to inject web scripts that execute when visitors access the affected page. Technical details: all versi...

6.4CVSS5.7AI score0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/11 7:21 a.m.15 views

CVE-2024-11758 WP SPID Italia <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

6.4CVSS0.00325EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/01/10 9:38 p.m.3 views

WordPress WP SPID Italia plugin <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin WP SPID Italia versions = 2.9...

6.4CVSS5.7AI score0.00325EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.8 views

WordPress WP SPID Italia Plugin <= 2.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WP SPID Italia Type Plugin Vulnerable versions = 2.4.3 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d8c2a46f0b6d Credits Rafie Muhammad Patchstack Required...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.16 views

WordPress WP SPID Italia plugin <= 2.3.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WP SPID Italia plugin versions = 2.3.4. Solution Update the WordPress WP SPID Italia plugin to the latest available version at least 2.3.5...

3.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.14 views

WordPress WP SPID Italia plugin <= 2.3.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP SPID Italia plugin versions = 2.3.4. Solution Update the WordPress WP SPID Italia plugin to the latest available version at least 2.3.5...

3.1AI score
Exploits0References2Affected Software1
Rows per page
Query Builder