5 matches found
CVE-2024-37253
Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6...
CVE-2024-37253 WordPress WPDirectoryKit plugin <= 1.3.6 - HTML Injection vulnerability
Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6...
CVE-2024-37253 WordPress WPDirectoryKit plugin <= 1.3.6 - HTML Injection vulnerability
Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6...
CVE-2024-37253
CVE-2024-37253 describes an HTML injection vulnerability in the WordPress plugin WP Directory Kit (affected: versions <= 1.3.6) due to improper neutralization of output in a downstream element. The CVE is documented across multiple feeds (NVD/Red Hat/CVE list) with the Wordfence vulnerability ...
WordPress WP Directory Kit Plugin <= 1.3.6 is vulnerable to Content Injection
Software WP Directory Kit Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-37253 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 2b9e3c80ffdc Credits Sandeep Vishwakarma from eSec Forte...