5 matches found
CVE-2024-38670
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Team Members allows Stored XSS.This issue affects Team Members: from n/a through 5.3.3...
CVE-2024-38670
CVE-2024-38670 is a stored Cross-Site Scripting flaw in the WordPress plugin Team Members (vulnerable through 5.3.3). It arises from improper input neutralization during web page generation, enabling stored XSS. The CVSS v3.1 base score is 6.5 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L). Patch status i...
CVE-2024-38670 WordPress Team Members plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Team Members allows Stored XSS.This issue affects Team Members: from n/a through 5.3.3...
CVE-2024-38670 WordPress Team Members plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Team Members allows Stored XSS.This issue affects Team Members: from n/a through 5.3.3...
WordPress Team Members Plugin <= 5.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Team Members Type Plugin Vulnerable versions = 5.3.3 Fixed in 5.3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38670 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0e47f407025 Credits Jean Tirstan T Required privilege...