3 matches found
CVE-2024-0852
coreActivity: Activity Logging plugin for WordPress (prior to 1.8.1) is vulnerable to unauthenticated Stored XSS due to insufficient escaping of certain request data when rendering in the admin logs dashboard. The issue allows an unauthenticated attacker to craft input that could execute JavaScri...
CVE-2024-0852
creationtimestamp| type| source ---|---|--- 2024-02-21 14:41:53+00:00| seen| https://t.me/ctinow/189635 2025-05-15 20:33:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16569...
WordPress coreActivity: Activity Logging plugin for WordPress Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)
Software coreActivity: Activity Logging plugin for WordPress Type Plugin Vulnerable versions = 1.8 Fixed in 1.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0852 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...