4 matches found
CVE-2024-11375
creationtimestamp| type| source ---|---|--- 2025-01-07 05:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vf34vem22 2025-01-07 16:41:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/467...
CVE-2024-11375 WC1C <= 0.23.0 - Reflected Cross-Site Scripting
The WC1C plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 0.23.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-11375 WC1C <= 0.23.0 - Reflected Cross-Site Scripting
The WC1C plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 0.23.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-11375
CVE-2024-11375 affects the WC1C WordPress plugin. The vulnerability is a Reflected Cross-Site Scripting (XSS) in which add_query_arg is used without proper escaping, present in all versions up to and including 0.23.0. This allows unauthenticated attackers to craft a link that, if a user is convin...