Lucene search
+L

5 matches found

NVD
NVD
added 2025/01/17 5:15 a.m.25 views

CVE-2024-13434

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS0.0028EPSS
Exploits0References2
Circl
Circl
added 2025/01/17 4:34 a.m.6 views

CVE-2024-13434

creationtimestamp| type| source ---|---|--- 2025-01-17 04:34:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113841828810932968 2025-01-17 04:56:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2095 2025-01-17 05:15:31+00:00| seen|...

6.1CVSS7.3AI score0.0028EPSS
Exploits0References5
CVE
CVE
added 2025/01/17 4:30 a.m.50 views

CVE-2024-13434

CVE-2024-13434 concerns the WP Inventory Manager WordPress plugin. It allows a Reflected Cross-Site Scripting (XSS) via the user-supplied parameter “message” in all versions up to 2.3.2, caused by insufficient input sanitization and inadequate output escaping. The vulnerability enables unauthenti...

6.1CVSS6AI score0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/17 4:30 a.m.5 views

CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS6AI score0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/17 4:30 a.m.20 views

CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting

The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS0.0028EPSS
Exploits0References2
Rows per page
Query Builder