Lucene search
+L

5 matches found

NVD
NVD
added 2024/07/04 7:15 p.m.40 views

CVE-2024-37472

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WofficeIO Woffice woffice.This issue affects Woffice: from n/a through = 5.4.8...

7.1CVSS0.00333EPSS
Exploits0References2
CVE
CVE
added 2024/07/04 6:48 p.m.78 views

CVE-2024-37472

CVE-2024-37472 is a reflected XSS in Woffice Core / Woffice CRM affecting Woffice versions up to 5.4.8. The issue allows injection of script in victims’ browsers and requires user interaction. Patch availability: latest fixed version stated as 5.4.8; CVSS base score and details vary by source.

7.1CVSS5.9AI score0.00333EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/04 6:48 p.m.38 views

CVE-2024-37472 WordPress Woffice theme <= 5.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WofficeIO Woffice woffice.This issue affects Woffice: from n/a through = 5.4.8...

7.1CVSS0.00333EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/04 6:48 p.m.18 views

CVE-2024-37472 WordPress Woffice theme <= 5.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in WofficeIO Woffice allows Reflected XSS.This issue affects Woffice: from n/a through 5.4.8...

7.1CVSS6AI score0.00333EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.16 views

WordPress Woffice Theme <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Woffice Type Theme Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37472 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 742e892a0fa2 Credits Rafie Muhammad Patchstack Required...

7.1CVSS6.6AI score0.00333EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder