Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:1 a.m.5 views

CVE-2024-11889

The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS7.4AI score0.00345EPSS
Exploits0References1
Circl
Circl
added 2024/12/14 5:33 a.m.5 views

CVE-2024-11889

creationtimestamp| type| source ---|---|--- 2024-12-14 05:33:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113649544120285012 2024-12-14 06:49:39+00:00| seen| https://t.me/cvedetector/12915...

6.4CVSS8.7AI score0.00345EPSS
Exploits0References2
NVD
NVD
added 2024/12/14 5:15 a.m.10 views

CVE-2024-11889

The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00345EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/14 4:23 a.m.8 views

CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS7.4AI score0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/14 4:23 a.m.19 views

CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00345EPSS
Exploits0References4
CVE
CVE
added 2024/12/14 4:23 a.m.46 views

CVE-2024-11889

CVE-2024-11889 concerns a Stored XSS in the WordPress plugin “My IDX Home Search.” According to the CVE description, the vulnerability exists in the plugin’s shortcodes, specifically the ‘homeasap-idx-search’ shortcode, allowing an authenticated attacker with contributor-level access or higher to...

6.4CVSS7.4AI score0.00345EPSS
Exploits0References4
Rows per page
Query Builder