Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 11:41 p.m.5 views

CVE-2024-22286

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3...

7.1CVSS7AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2024/01/31 5:52 p.m.56 views

CVE-2024-22286

CVE-2024-22286 is a reflected XSS in WordPress plugin BA Plus – Before & After Image Slider FREE (versions up to 1.0.3). Root cause: improper input neutralization during web page generation. Affected: BA Plus plugin for WordPress. Impact: reflected cross-site scripting; exploitation status not de...

7.1CVSS7AI score0.00331EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 5:52 p.m.15 views

CVE-2024-22286 WordPress BA Plus Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3...

7.1CVSS6.8AI score0.00331EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/01/16 12:0 a.m.10 views

WordPress BA Plus Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software BA Plus Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22286 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8287da299c Credits Dimas Maulana Required privilege...

7.1CVSS6.5AI score0.00331EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder