3 matches found
CVE-2024-1759
The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-1759
The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress WP ULike Plugin <= 4.6.9 is vulnerable to Cross Site Scripting (XSS)
Software WP ULike Type Plugin Vulnerable versions = 4.6.9 Fixed in 4.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1759 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID db48c23d8083 Credits stealthcopter Required...