Travel Tour < 5.2.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Amine SAJID in WordPress Theme Travel Tour versions 5.2.4...

CVE-2024-11846 Travel Tour < 5.2.4 - Reflected XSS

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-11846 Travel Tour < 5.2.4 - Reflected XSS

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-11846

CVE-2024-11846 Travel Tour faces a reflected XSS due to improper sanitization/escaping of a parameter in Travel Tour before output. Affected software: Travel Tour (WordPress plugin) versions prior to 5.2.4. Impact is Reflected XSS potentially exploitable by attackers to run script in context of a...

WordPress plugin Travel Tour 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Travel Tour Theme < 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Travel Tour Type Theme Vulnerable versions 1.2.0 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f08db9648ea0 Credits Rafie Muhammad Patchstack Required...

Fancier /travel/tour_view. aspx a parameter injection vulnerability

No description provided by source...