6 matches found
CVE-2024-10792
The Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'postid' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-10792
creationtimestamp| type| source ---|---|--- 2024-11-21 09:36:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113520267410899968...
CVE-2024-10792 Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels <= 3.5.5 - Reflected Cross-Site Scripting
The Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'postid' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-10792
CVE-2024-10792 affects the WordPress plugin Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels. It is a reflected Cross-Site Scripting (XSS) vulnerability via the post_id parameter in all versions up to 3.5.5. The issue arises from insufficient input sanitization and output escaping....
CVE-2024-10792 Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels <= 3.5.5 - Reflected Cross-Site Scripting
The Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'postid' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress WPFunnels Plugin <= 3.5.5 is vulnerable to Cross Site Scripting (XSS)
Software WPFunnels Type Plugin Vulnerable versions = 3.5.5 Fixed in 3.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10792 Patch priority Medium CVSS severity Medium 7.1 Developer WPFunnels Team PSID b1c17399226b Credits Nathan calysteon Require...