2 matches found
CVE-2024-1985
CVE-2024-1985 affects the WordPress plugin Simple Membership . It is a Stored XSS via the Display Name parameter in versions up to 4.4.2, caused by insufficient input sanitization and output escaping. The vulnerability could let an attacker inject scripts that execute when a user loads a page. Ex...
WordPress Simple Membership Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Simple Membership Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1985 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 92a2812ee783 Credits stealthcopter Required...