Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:47 a.m.8 views

CVE-2024-25919

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6...

6.5CVSS8.6AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2024/03/15 1:15 p.m.25 views

CVE-2024-25919

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/15 1:3 p.m.17 views

CVE-2024-25919 WordPress Custom Field Template plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6...

6.5CVSS6.7AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/15 1:3 p.m.30 views

CVE-2024-25919 WordPress Custom Field Template plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1
CVE
CVE
added 2024/03/15 1:3 p.m.64 views

CVE-2024-25919

CVE-2024-25919 affects the WordPress plugin Custom Field Template (versions up to and including 2.6). The issue is a Stored XSS flaw in the $search_label handling, resulting from improper input sanitization/output escaping. Exploitation could allow an authenticated attacker (Contributor level) to...

6.5CVSS8.6AI score0.0032EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/14 12:0 a.m.11 views

WordPress Custom Field Template Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)

Software Custom Field Template Type Plugin Vulnerable versions = 2.6 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25919 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9a3d14013fc0 Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder