8 matches found
WP Extended < 3.0.0 - Stored Cross-Site Scripting
The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
CVE-2024-37259
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...
CVE-2024-37259
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through 2.4.7...
CVE-2024-37259
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...
CVE-2024-37259
CVE-2024-37259 affects The Ultimate WordPress Toolkit – WP Extended (WP Extended) plugin. Public sources describe Cross-Site Scripting (XSS) in WP Extended up to version 2.4.7, with varying classifications across sources: the NVD entry cites Reflected XSS, while other connected templates discuss ...
CVE-2024-37259 WordPress WP Extended plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...
WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)
Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 2.4.7 Fixed in 3.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37259 Patch priority Medium CVSS severity Medium 7.1 Developer WP Extended PSID 6e88ac2a1e7f Credits Yudisti...
VulnCheck KEV: CVE-2024-37259
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...