3 matches found
CVE-2024-13010
The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on the 'searchtype' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2024-13010
creationtimestamp| type| source ---|---|--- 2025-02-10 18:48:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113981085096993190 2025-02-10 19:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu6rc2ai2z 2025-02-10 21:16:46+00:00| seen|...
CVE-2024-13010 WP Foodbakery <= 4.8 - Reflected Cross-Site Scripting
The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on the 'searchtype' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...