Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:23 a.m.10 views

CVE-2024-1958

The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

4.8CVSS6.3AI score0.00458EPSS
Exploits2References1
NVD
NVD
added 2024/04/08 5:15 a.m.15 views

CVE-2024-1958

The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

4.8CVSS6AI score0.00458EPSS
Exploits2References1
CVE
CVE
added 2024/04/08 5:0 a.m.99 views

CVE-2024-1958

CVE-2024-1958 affects the WPB Show Core WordPress plugin prior to version 2.7, where a parameter is not sanitised/escaped before being output on the page, causing a Reflected XSS vulnerability. Patch/upgrade to WPB Show Core 2.7 or later to remediat​e; the vulnerability is triggered via output re...

4.8CVSS6.2AI score0.00458EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/04/08 5:0 a.m.20 views

CVE-2024-1958 WPB Show Core < 2.7 - Reflected XSS

The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

6.1AI score0.00458EPSS
Exploits2References1
Rows per page
Query Builder