3 matches found
CVE-2024-12445
The RightMessage WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rmarea' shortcode in all versions up to, and including, 0.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-12445
creationtimestamp| type| source ---|---|--- 2025-01-07 04:36:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/301 2025-01-07 05:17:17+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vhwgpgp2f 2025-01-07 05:53:08+00:00| seen|...
CVE-2024-12445 RightMessage WP <= 0.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The RightMessage WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rmarea' shortcode in all versions up to, and including, 0.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...