3 matches found
Simple Certain Time to Show Content - Cross-Site Scripting
Simple Certain Time to Show Content WordPress plugin 1.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute arbitrary scripts in the context of high privilege users such as admin, explo...
CVE-2024-10152
creationtimestamp| type| source ---|---|--- 2025-02-26 06:25:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5474 2026-02-11 14:55:22+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-10152.yaml 2026-02-12 21:03:14+00:00| seen|...
CVE-2024-10152 Simple Certain Time to Show Content < 1.3.1 - Reflected XSS
The Simple Certain Time to Show Content WordPress plugin before 1.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...