Lucene search
K

4 matches found

NVD
NVD
added 2024/07/06 1:15 p.m.26 views

CVE-2024-37539

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.3.0...

6.5CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2024/07/06 12:13 p.m.53 views

CVE-2024-37539

CVE-2024-37539 is a Stored XSS vulnerability in the WP To Do (Delower WP To Do) WordPress plugin, affectin g WP To Do versions from n/a up to 1.3.0. The connected Wordfence entry lists the vulnerability as Unpatched for WP To Do ≤ 1.3.0, and notes the issue is an improper neutralization of input ...

6.5CVSS6.2AI score0.00277EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/07/06 12:13 p.m.30 views

CVE-2024-37539 WordPress WP To Do plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.3.0...

6.5CVSS0.00277EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/06 12:0 a.m.10 views

WordPress WP To Do Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP To Do Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37539 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8e78be231480 Credits younsoung kim, SeoHyeon Lee, MyungJu Kim, SeoHe...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder