Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.17 views

CVE-2024-37488

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through = 1.1.9...

6.5CVSS5.9AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2024/07/21 7:30 a.m.56 views

CVE-2024-37488

The CVE-2024-37488 entry concerns HelloAsso for WordPress (HelloAsso plugin) with versions up to 1.1.9. The connected documents indicate an “Authenticated Stored Cross-Site Scripting” vulnerability caused by improper input neutralization during web page generation, which can enable stored XSS whe...

6.5CVSS5.9AI score0.00279EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/21 7:30 a.m.16 views

CVE-2024-37488 WordPress HelloAsso plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.9...

6.5CVSS6.8AI score0.00279EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.14 views

WordPress HelloAsso Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

Software HelloAsso Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37488 Patch priority Low CVSS severity Low 6.5 Developer HelloAsso PSID 06d0e3dad62d Credits justakazh Required privilege Contributor Publishe...

6.5CVSS6.6AI score0.00279EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder