4 matches found
CVE-2024-11973
The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-11973
The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-11973
creationtimestamp| type| source ---|---|--- 2024-12-10 09:33:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113627836194244480 2024-12-10 11:37:13+00:00| seen| https://t.me/cvedetector/12489...
CVE-2024-11973 Quran multilanguage Text & Audio <= 2.3.21 - Reflected Cross-Site Scripting via sourate and lang Parameters
The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...