Lucene search
+L

4 matches found

NVD
NVD
added 2024/12/12 9:15 a.m.8 views

CVE-2024-11760

The Currency Converter Widget ⚡ PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'currency-converter-widget-pro' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS0.00275EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/12 8:22 a.m.5 views

CVE-2024-11760 Currency Converter Widget ⚡ PRO <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Currency Converter Widget ⚡ PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'currency-converter-widget-pro' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS5.8AI score0.00275EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/12 8:22 a.m.19 views

CVE-2024-11760 Currency Converter Widget ⚡ PRO <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Currency Converter Widget ⚡ PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'currency-converter-widget-pro' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS0.00275EPSS
Exploits0References2
CVE
CVE
added 2024/12/12 8:22 a.m.53 views

CVE-2024-11760

CVE-2024-11760 : The Currency Converter Widget PRO plugin for WordPress is vulnerable to a Stored Cross-Site Scripting (XSS) condition via the plugin’s shortcode currency-converter-widget-pro. Affected versions are up to and including 1.0.6 . The underlying issue is insufficient input sanitizatio...

6.4CVSS5.7AI score0.00275EPSS
Exploits0References2
Rows per page
Query Builder