2 matches found
CVE-2024-24836
CVE-2024-24836 is a stored XSS vulnerability in the Audrasjb GDPR Data Request Form WordPress plugin, affecting versions up to 1.6. The root cause is improper input neutralization during web page generation, enabling insertion of malicious scripts that are stored and later rendered to users. Mult...
WordPress GDPR Data Request Form Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Software GDPR Data Request Form Type Plugin Vulnerable versions = 1.6 Fixed in 1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24836 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7fd021f643aa Credits Ngô Thiên An ancorn from VNPT-VCI...