Lucene search
+L

4 matches found

Circl
Circl
added 2025/02/18 5:17 a.m.24 views

CVE-2024-13848

creationtimestamp| type| source ---|---|--- 2025-02-18 05:17:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligj2azvqe2t 2025-02-18 07:56:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4738 2025-02-18 09:16:50+00:00| seen| https://t.me/cvedetector/18280...

5.5CVSS7.3AI score0.00242EPSS
Exploits0References4
NVD
NVD
added 2025/02/18 5:15 a.m.33 views

CVE-2024-13848

The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...

5.5CVSS0.00242EPSS
Exploits0References2
CVE
CVE
added 2025/02/18 4:21 a.m.53 views

CVE-2024-13848

The CVE-2024-13848 entry concerns the Reaction Buttons WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability exploitable via admin settings, due to insufficient input sanitization and output escaping in versions up to 2.1.6. Exploitation requires administrator-level per...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/18 4:21 a.m.7 views

CVE-2024-13848 Reaction Buttons <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References2
Rows per page
Query Builder