2 matches found
CVE-2024-29097
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.20...
CVE-2024-29097
CVE-2024-29097 is a Stored XSS in PickPlugins User profile for WordPress caused by improper input neutralization during page generation. Affected versions: up to and including 2.0.20. Public advisories (Red Hat, Wordfence) confirm the issue and indicate a patch has been issued, but the exact patc...