3 matches found
CVE-2024-12502
creationtimestamp| type| source ---|---|--- 2024-12-14 06:03:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113649662219075211 2024-12-14 06:49:33+00:00| seen| https://t.me/cvedetector/12911...
CVE-2024-12502
CVE-2024-12502 affects the My IDX Home Search WordPress plugin. Vector: Stored XSS via the homeasap-idx-landing shortcode in versions up to 2.0.1 due to insufficient input sanitization and output escaping on user attributes. Impact: authenticated attackers with contributor-level access can inject...
CVE-2024-12502 My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The My IDX Home Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-idx-landing' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...