5 matches found
WordPress AffiliateImporterEb plugin <= 1.0.6 - Reflected XSS via Search vulnerability
Reflected XSS via Search vulnerability discovered by Bob Matyas in WordPress Plugin AffiliateImporterEb versions = 1.0.6...
CVE-2024-12733
The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12733
The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12733 AffiliateImporterEb <= 1.0.6 - Reflected XSS via Search
The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12733
The CVE-2024-12733 entry applies to the AffiliateImporterEb WordPress plugin (versions 1.0.0–1.0.6). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of an input parameter before echoing it on the page, with impact described as exploitable against...