4 matches found
CVE-2024-12438
The WooCommerce Digital Content Delivery incl. DRM – FlickRocket plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'startdate’ and 'enddate' parameters in all versions up to, and including, 4.75 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-12438
creationtimestamp| type| source ---|---|--- 2025-01-07 05:38:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/337 2025-01-07 06:03:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113785558196609609 2025-01-07 06:16:09+00:00| seen|...
CVE-2024-12438
The CVE-2024-12438 entry concerns the WooCommerce Digital Content Delivery (incl. DRM) – FlickRocket WordPress plugin, vulnerable to Reflected Cross-Site Scripting via the start_date and end_date parameters. Affected versions are up to 4.74 per the CVE description; other sources also reference ve...
CVE-2024-12438 WooCommerce Digital Content Delivery (incl. DRM) – FlickRocket <= 4.75 - Reflected Cross-Site Scripting
The WooCommerce Digital Content Delivery incl. DRM – FlickRocket plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'startdate’ and 'enddate' parameters in all versions up to, and including, 4.75 due to insufficient input sanitization and output escaping. This makes it...