6 matches found
CVE-2024-11889
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889
creationtimestamp| type| source ---|---|--- 2024-12-14 05:33:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113649544120285012 2024-12-14 06:49:39+00:00| seen| https://t.me/cvedetector/12915...
CVE-2024-11889
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-search' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11889
CVE-2024-11889 concerns a Stored XSS in the WordPress plugin “My IDX Home Search.” According to the CVE description, the vulnerability exists in the plugin’s shortcodes, specifically the ‘homeasap-idx-search’ shortcode, allowing an authenticated attacker with contributor-level access or higher to...