Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:59 a.m.9 views

CVE-2024-11388

The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...

6.4CVSS5.6AI score0.0108EPSS
Exploits0References1
Circl
Circl
added 2024/11/21 3:22 a.m.6 views

CVE-2024-11388

creationtimestamp| type| source ---|---|--- 2024-11-21 03:22:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113518796515663612 2024-11-22 16:50:38+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9139...

6.4CVSS8.7AI score0.0108EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/21 2:6 a.m.11 views

CVE-2024-11388 Dino Game – Embed Google Chrome Dinosaur Game in WordPress <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...

6.4CVSS5.6AI score0.0108EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/21 2:6 a.m.21 views

CVE-2024-11388 Dino Game – Embed Google Chrome Dinosaur Game in WordPress <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attribute...

6.4CVSS0.0108EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.11 views

WordPress Dino Game Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Dino Game Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11388 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3063a938b1ce Credits SOPROBRO Required privilege...

6.4CVSS5.8AI score0.0108EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder