3 matches found
WordPress Giveaways and Contests by RafflePress Plugin < 1.12.14 is vulnerable to Cross Site Scripting (XSS)
Software Giveaways and Contests by RafflePress Type Plugin Vulnerable versions 1.12.14 Fixed in 1.12.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3963 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0b4ece666566 Credits...
CVE-2024-3963 RafflePress Lite < 1.12.14 - Editor+ Stored XSS
The Giveaways and Contests by RafflePress WordPress plugin before 1.12.14 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks...
CVE-2024-3963 RafflePress Lite < 1.12.14 - Editor+ Stored XSS
The Giveaways and Contests by RafflePress WordPress plugin before 1.12.14 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks...