Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.8 views

CVE-2024-39648

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...

5.9CVSS6.8AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2024/08/01 10:15 p.m.22 views

CVE-2024-39648

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...

5.9CVSS0.00294EPSS
Exploits0References1
CVE
CVE
added 2024/08/01 9:56 p.m.66 views

CVE-2024-39648

CVE-2024-39648 is a stored XSS flaw in the Themewinter Eventin WordPress plugin. Public sources indicate vulnerability in Eventin versions n/a–4.0.5, with Patchstack noting a fix in 4.0.6. Providers (NVD/Red Hat/Wordfence) describe the flaw as improper input neutralization during web page generat...

5.9CVSS5.7AI score0.00294EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/01 9:56 p.m.18 views

CVE-2024-39648 WordPress Eventin plugin <= 4.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...

5.9CVSS6.8AI score0.00294EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.14 views

WordPress Eventin Plugin <= 4.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Eventin Type Plugin Vulnerable versions = 4.0.5 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39648 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 722abe293d5f Credits justakazh Required privilege Author Published ...

5.9CVSS6.6AI score0.00294EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder