5 matches found
CVE-2024-39648
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...
CVE-2024-39648
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...
CVE-2024-39648
CVE-2024-39648 is a stored XSS flaw in the Themewinter Eventin WordPress plugin. Public sources indicate vulnerability in Eventin versions n/a–4.0.5, with Patchstack noting a fix in 4.0.6. Providers (NVD/Red Hat/Wordfence) describe the flaw as improper input neutralization during web page generat...
CVE-2024-39648 WordPress Eventin plugin <= 4.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...
WordPress Eventin Plugin <= 4.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Eventin Type Plugin Vulnerable versions = 4.0.5 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39648 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 722abe293d5f Credits justakazh Required privilege Author Published ...