2 matches found
CVE-2024-33916
CVE-2024-33916 affects MachoThemes CPO Companion for WordPress (CPO Companion plugin) with Stored XSS via input during web page generation. Root cause: improper neutralization of input. Affected range: from n/a through 1.1.0. Publicly available details from RH and Wordfence confirm the vulnerabil...
WordPress CPO Companion Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software CPO Companion Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33916 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 57daf6c77a1b Credits Ngô Thiên An ancorn from VNPT-VCI Required...