5 matches found
CVE-2024-13096
creationtimestamp| type| source ---|---|--- 2025-02-01 06:15:56+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3uft57mu2f 2025-02-01 07:16:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3719 2025-02-01 07:25:45+00:00| seen|...
CVE-2024-13096
The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13096
The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13096
CVE-2024-13096 affects the WP Finance WordPress plugin (versions
CVE-2024-13096 WP Finance <= 1.3.6 - Stored XSS via CSRF
The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...