3 matches found
CVE-2024-33926 WordPress GWP-Histats plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0...
CVE-2024-33926
CVE-2024-33926 relates to the GWP-Histats WordPress plugin. Connected data confirms an authenticated (Contributor+) Stored XSS via GWP-Histats
WordPress GWP-Histats Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software GWP-Histats Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33926 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0e72e427058e Credits Ngô Thiên An ancorn from VNPT-VCI Required...