2 matches found
CVE-2024-1720
CVE-2024-1720: WordPress Plugin—User Registration (Custom Registration Form, Login Form, User Profile). Stored XSS via the Display Name parameter affects all versions up to 3.1.4. Exploitation requires social engineering and a user to login, per description; Wordfence/Red Hat entries align with t...
WordPress User Registration Plugin <= 3.1.4 is vulnerable to Cross Site Scripting (XSS)
Software User Registration Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1720 Patch priority Low CVSS severity Low 7.1 Developer Masteriyo PSID f3574c07a0a6 Credits stealthcopter Required...