4 matches found
CVE-2024-1958
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...
CVE-2024-1958
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...
CVE-2024-1958
CVE-2024-1958 affects the WPB Show Core WordPress plugin prior to version 2.7, where a parameter is not sanitised/escaped before being output on the page, causing a Reflected XSS vulnerability. Patch/upgrade to WPB Show Core 2.7 or later to remediate; the vulnerability is triggered via output re...
CVE-2024-1958 WPB Show Core < 2.7 - Reflected XSS
The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...