3 matches found
CVE-2024-10164
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpdmpppaylink shortcode in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2024-10164
creationtimestamp| type| source ---|---|--- 2024-11-21 02:37:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113518619326643859...
WordPress Premium Packages Plugin <= 5.9.3 is vulnerable to Cross Site Scripting (XSS)
Software Premium Packages Type Plugin Vulnerable versions = 5.9.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10164 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e294ff14d79a Credits Peter Thaleikis Required...