Lucene search
K

8 matches found

Nuclei
Nuclei
added 11 hours ago7 views

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

7.1CVSS6.2AI score0.0063EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 12:41 a.m.8 views

CVE-2024-37259

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...

7.1CVSS5.9AI score0.0063EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 9:15 a.m.3 views

CVE-2024-37259

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through 2.4.7...

6.1CVSS5.8AI score0.0063EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 9:15 a.m.23 views

CVE-2024-37259

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...

7.1CVSS0.0063EPSS
Exploits0References2
CVE
CVE
added 2024/07/22 9:4 a.m.54 views

CVE-2024-37259

CVE-2024-37259 affects The Ultimate WordPress Toolkit – WP Extended (WP Extended) plugin. Public sources describe Cross-Site Scripting (XSS) in WP Extended up to version 2.4.7, with varying classifications across sources: the NVD entry cites Reflected XSS, while other connected templates discuss ...

7.1CVSS5.9AI score0.0063EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/22 9:4 a.m.236 views

CVE-2024-37259 WordPress WP Extended plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...

7.1CVSS0.0063EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.13 views

WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)

Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 2.4.7 Fixed in 3.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37259 Patch priority Medium CVSS severity Medium 7.1 Developer WP Extended PSID 6e88ac2a1e7f Credits Yudisti...

7.1CVSS6.6AI score0.0063EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/06/27 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-37259

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...

6.1CVSS5.8AI score0.0063EPSS
Exploits0References1
Rows per page
Query Builder