Lucene search
+L

6 matches found

NVD
NVD
added 2024/07/20 9:15 a.m.28 views

CVE-2024-37956

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.99.1.0...

6.5CVSS0.00313EPSS
Exploits0References1
CVE
CVE
added 2024/07/20 8:16 a.m.49 views

CVE-2024-37956

CVE-2024-37956 is a Stored XSS in VK All in One Expansion Unit (Vektor, VK All in One) affecting versions 9.98.1.0 through 9.99.1.0. Root cause: improper input handling during web page generation leading to script injection. Public surfaces beyond those versions are not detailed here. PTSecurity ...

6.5CVSS6.7AI score0.00313EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/20 8:16 a.m.10 views

CVE-2024-37956 WordPress VK All in One Expansion Unit plugin <= 9.99.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.99.1.0...

6.5CVSS6.7AI score0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/20 8:16 a.m.28 views

CVE-2024-37956 WordPress VK All in One Expansion Unit plugin <= 9.99.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.99.1.0...

6.5CVSS0.00313EPSS
Exploits0References1
OSV
OSV
added 2024/07/20 8:16 a.m.8 views

CVE-2024-37956 WordPress VK All in One Expansion Unit plugin <= 9.99.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.99.1.0...

6.5CVSS5.9AI score0.00313EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.13 views

WordPress VK All in One Expansion Unit Plugin <= 9.99.1.0 is vulnerable to Cross Site Scripting (XSS)

Software VK All in One Expansion Unit Type Plugin Vulnerable versions = 9.99.1.0 Fixed in 9.99.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37956 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 525bd2086dbb Credits savphill Required...

6.5CVSS6.6AI score0.00313EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder