Lucene search
+L

5 matches found

Circl
Circl
added 2025/02/01 6:15 a.m.20 views

CVE-2024-13096

creationtimestamp| type| source ---|---|--- 2025-02-01 06:15:56+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3uft57mu2f 2025-02-01 07:16:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3719 2025-02-01 07:25:45+00:00| seen|...

4.6CVSS7.3AI score0.00163EPSS
Exploits1References5
OSV
OSV
added 2025/02/01 6:15 a.m.3 views

CVE-2024-13096

The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.6CVSS7.3AI score0.00163EPSS
Exploits1References1
NVD
NVD
added 2025/02/01 6:15 a.m.40 views

CVE-2024-13096

The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.6CVSS0.00163EPSS
Exploits1References1
CVE
CVE
added 2025/02/01 6:0 a.m.62 views

CVE-2024-13096

CVE-2024-13096 affects the WP Finance WordPress plugin (versions

4.6CVSS5.6AI score0.00163EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/01 6:0 a.m.6 views

CVE-2024-13096 WP Finance <= 1.3.6 - Stored XSS via CSRF

The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.5AI score0.00163EPSS
Exploits1References1
Rows per page
Query Builder