Lucene search
K

4 matches found

Circl
Circl
added 2025/01/07 5:15 a.m.6 views

CVE-2024-11375

creationtimestamp| type| source ---|---|--- 2025-01-07 05:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vf34vem22 2025-01-07 16:41:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/467...

6.1CVSS7.3AI score0.0034EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/07 4:21 a.m.5 views

CVE-2024-11375 WC1C <= 0.23.0 - Reflected Cross-Site Scripting

The WC1C plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 0.23.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

6.1CVSS6.4AI score0.0034EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/07 4:21 a.m.15 views

CVE-2024-11375 WC1C <= 0.23.0 - Reflected Cross-Site Scripting

The WC1C plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 0.23.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

6.1CVSS0.0034EPSS
Exploits0References2
CVE
CVE
added 2025/01/07 4:21 a.m.39 views

CVE-2024-11375

CVE-2024-11375 affects the WC1C WordPress plugin. The vulnerability is a Reflected Cross-Site Scripting (XSS) in which add_query_arg is used without proper escaping, present in all versions up to and including 0.23.0. This allows unauthenticated attackers to craft a link that, if a user is convin...

6.1CVSS6.1AI score0.0034EPSS
Exploits0References2
Rows per page
Query Builder