3 matches found
CVE-2024-11366
CVE-2024-11366 – SEO Landing Page Generator (WordPress) Affected: WordPress plugin SEO Landing Page Generator up to version 1.66.2.Vulnerability: Reflected Cross-Site Scripting (XSS) due to improper escaping in add_query_arg usage on the URL.Impact: Unauthenticated attackers can craft links that,...
CVE-2024-11366 SEO Landing Page Generator <= 1.66.2 - Reflected Cross-Site Scripting
The SEO Landing Page Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.66.2. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress SEO Landing Page Generator Plugin <= 1.66.2 is vulnerable to Cross Site Scripting (XSS)
Software SEO Landing Page Generator Type Plugin Vulnerable versions = 1.66.2 Fixed in 1.66.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11366 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d742f2bf7f0 Credits vgo0...