CVE-2024-29803 WordPress FlatPM plugin < 3.1.05 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05...

CVE-2024-29803 WordPress FlatPM plugin < 3.1.05 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05...

CVE-2024-29803

CVE-2024-29803 is a Stored XSS in FlatPM (Mehanoid.Pro) for WordPress, exploitable via the FlatPM plugin before 3.1.05. Root cause: improper input neutralization in web page generation. Impact: MEDIUM (CVSS 3.1 base 6.5) with potential confidentiality/integrity/availability impacts as described; ...

WordPress FlatPM Plugin < 3.1.05 is vulnerable to Cross Site Scripting (XSS)

Software FlatPM Type Plugin Vulnerable versions 3.1.05 Fixed in 3.1.05 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29803 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 707de1bb10ec Credits Ngô Thiên An ancorn from VNPT-VCI Required...