Lucene search
K

4 matches found

OSV
OSV
added 2025/01/30 6:15 a.m.5 views

CVE-2024-12638

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS7.3AI score0.00532EPSS
Exploits1References1
CVE
CVE
added 2025/01/30 6:0 a.m.50 views

CVE-2024-12708

CVE-2024-12708 affects Bulk Me Now! WordPress plugin (versions up to 2.0). It reports stored XSS via shortcode attributes not properly validated/escaped before output in posts/pages. This could enable contributors and above to store and trigger XSS. Public patch status is not clearly documented i...

7.1CVSS6.3AI score0.00256EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.4 views

PT-2025-1923

Name of the Vulnerable Software and Affected Versions Bulk Me Now! WordPress plugin versions through 2.0 Description The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could be...

7.1CVSS8.1AI score0.00532EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.3 views

PT-2025-1931 · WordPress · Bulk Me Now!

Name of the Vulnerable Software and Affected Versions: Bulk Me Now! WordPress plugin through 2.0 Description: The issue is related to the plugin not validating and escaping some of its shortcode attributes before outputting them back in a page or post, which could allow users with the contributor...

7.1CVSS8.2AI score0.00256EPSS
Exploits1References6
Rows per page
Query Builder