6 matches found
CVE-2024-1956
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting...
CVE-2024-1956
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting...
CVE-2024-1956
CVE-2024-1956 affects the WordPress plugin WPB Show Core prior to version 2.7. The vulnerability is a reflected XSS caused by insufficient sanitization/escaping of parameters in responses to unauthenticated requests. Multiple sources (Red Hat, CVE lists, Patchstack, WPVulndb) confirm the issue an...
CVE-2024-1956 WPB Show Core < 2.7 - Reflected XSS
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting...
CVE-2024-1956 WPB Show Core < 2.7 - Reflected XSS
The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an unauthenticated request, leading to a Reflected Cross-Site Scripting...
WordPress WPB Show Core Plugin < 2.7 is vulnerable to Cross Site Scripting (XSS)
Software WPB Show Core Type Plugin Vulnerable versions 2.7 Fixed in 2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1956 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID bfdeecd15ddf Credits Bob Matyas Required privilege...