4 matches found
CVE-2024-11683
creationtimestamp| type| source ---|---|--- 2024-12-12 04:03:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113637866613444526 2024-12-12 06:17:30+00:00| seen| https://t.me/cvedetector/12694...
CVE-2024-11683
CVE-2024-11683 concerns the Newsletter Subscriptions plugin for WordPress. According to connected documents, versions up to and including 2.1 are affected by a Reflected Cross-Site Scripting (XSS) vulnerability via the token_type parameter due to insufficient input sanitization and output escapin...
CVE-2024-11683 Newsletter Subscriptions <= 2.1 - Reflected Cross-Site Scripting
The Newsletter Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tokentype' parameter in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-11683 Newsletter Subscriptions <= 2.1 - Reflected Cross-Site Scripting
The Newsletter Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tokentype' parameter in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...