3 matches found
WordPress Customily Product Personalizer Plugin <= 1.23.3 is vulnerable to Cross Site Scripting (XSS)
Software Customily Product Personalizer Type Plugin Vulnerable versions = 1.23.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1774 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 736e090b7cc5 Credits...
CVE-2024-1774
The Customily Product Personalizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user cookies in all versions up to, and including, 1.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2024-1774 Customily Product Personalizer <= 1.23.3 - Unauthenticated Stored Cross-Site Scripting
The Customily Product Personalizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user cookies in all versions up to, and including, 1.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...