Lucene search
K

4 matches found

NVD
NVD
added 2024/04/26 5:15 a.m.27 views

CVE-2024-3048

The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

5.5CVSS5.9AI score0.00431EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/26 5:0 a.m.21 views

CVE-2024-3048 Bannerlid <= 1.1.0 - Reflected XSS

The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

6.1AI score0.00431EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/26 5:0 a.m.11 views

CVE-2024-3048 Bannerlid <= 1.1.0 - Reflected XSS

The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

6.1AI score0.00431EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/04/08 12:0 a.m.12 views

WordPress Bannerlid Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Bannerlid Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID febfae6c0eaf Credits Bob Matyas Required...

5.5CVSS5.6AI score0.00431EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder