5 matches found
CVE-2024-37558
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1...
CVE-2024-37558 WordPress WPFavicon plugin <= 2.1.1 - Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1...
CVE-2024-37558 WordPress WPFavicon plugin <= 2.1.1 - Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1...
CVE-2024-37558
CVE-2024-37558 affects the WordPress plugin WPFavicon (Nazmul Hossain Nihal) with an stored XSS due to improper neutralization of input during web page generation. The vulnerability affects the plugin for versions up to and including 2.1.1 (no newer versions indicated in the provided documents). ...
WordPress WPFavicon Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software WPFavicon Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Request Forgery CSRF CVE CVE-2024-37558 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f7589e2e3c1a Credits Cronus Required privilege Administrator...