Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/08 4:36 a.m.9 views

CVE-2024-13331

The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00567EPSS
Exploits1References1
Circl
Circl
added 2025/02/04 6:16 a.m.12 views

CVE-2024-13331

creationtimestamp| type| source ---|---|--- 2025-02-04 06:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdft3mpy62e 2025-02-04 06:43:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113944257725945915 2025-02-04 08:02:11+00:00| seen|...

6.1CVSS8.7AI score0.00567EPSS
Exploits1References6
NVD
NVD
added 2025/02/04 6:15 a.m.14 views

CVE-2024-13331

The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS0.00567EPSS
Exploits1References1
CVE
CVE
added 2025/02/04 6:0 a.m.66 views

CVE-2024-13331

CVE-2024-13331 affects the WordPress plugin WP Dream Carousel (versions up to 1.0.1b). The issue is a Reflected Cross‑Site Scripting caused by not sanitising and escaping a parameter before it is echoed in the page. The advisory notes this could be exploited against high‑privilege users (e.g., ad...

6.1CVSS6.2AI score0.00567EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/04 6:0 a.m.8 views

CVE-2024-13331 WP Dream Carousel <= 1.0.1b - Reflected XSS

The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1AI score0.00567EPSS
Exploits1References1
Rows per page
Query Builder