Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2024/03/27 12:18 p.m.14 views

CVE-2024-29803 WordPress FlatPM plugin < 3.1.05 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05...

6.5CVSS6.5AI score0.00339EPSS
Exploits0References1
cve
cve
added 2024/03/27 12:18 p.m.59 views

CVE-2024-29803

CVE-2024-29803 is a Stored XSS in FlatPM (Mehanoid.Pro) for WordPress, exploitable via the FlatPM plugin before 3.1.05. Root cause: improper input neutralization in web page generation. Impact: MEDIUM (CVSS 3.1 base 6.5) with potential confidentiality/integrity/availability impacts as described; ...

6.5CVSS8.6AI score0.00339EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/03/27 12:18 p.m.18 views

CVE-2024-29803 WordPress FlatPM plugin < 3.1.05 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References1
patchstack
patchstack
added 2024/03/25 12:0 a.m.10 views

WordPress FlatPM Plugin < 3.1.05 is vulnerable to Cross Site Scripting (XSS)

Software FlatPM Type Plugin Vulnerable versions 3.1.05 Fixed in 3.1.05 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29803 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 707de1bb10ec Credits Ngô Thiên An ancorn from VNPT-VCI Required...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder