Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2024/04/15 5:0 a.m.17 views

CVE-2024-1849 WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection

The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL...

6.7AI score0.00495EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/15 5:0 a.m.43 views

CVE-2024-1849 WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection

The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL...

6.6AI score0.00495EPSS
Exploits2References1
CVE
CVE
added 2024/04/15 5:0 a.m.89 views

CVE-2024-1849

The CVE-2024-1849 entry concerns WP Customer Reviews for WordPress: versions prior to 3.7.1 expose an unvalidated parameter that allows contributors+ to redirect pages to a malicious URL. This is an Unvalidated Redirects and Forwards issue with a reported CVSS v3.1 base score of 5.4 (Medium). The...

5.4CVSS9.2AI score0.00495EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.10 views

WordPress WP Customer Reviews Plugin < 3.7.1 is vulnerable to Unvalidated Redirects and Forwards

Software WP Customer Reviews Type Plugin Vulnerable versions 3.7.1 Fixed in 3.7.1 OWASP Top 10 A3: Injection Classification Unvalidated Redirects and Forwards CVE CVE-2024-1849 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 694993a46a33 Credits Dmitrii Ignatyev Required...

5.4CVSS6.8AI score0.00495EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder