Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/01/09 9:4 a.m.8 views

CVE-2024-41816

Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the ‘cooked-timer’ shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping. This vulnerability allows authenticate...

5.4CVSS5.7AI score0.00381EPSS
Exploits1References1
patchstack
patchstack
added 2024/08/06 12:0 a.m.11 views

WordPress Cooked Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Cooked Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-41816 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 18a7c8d0faab Credits re-alter Required privilege Subscriber...

5.4CVSS6.5AI score0.00381EPSS
Exploits1References3Affected Software1
nvd
nvd
added 2024/08/05 8:15 p.m.32 views

CVE-2024-41816

Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the ‘cooked-timer’ shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping. This vulnerability allows authenticate...

5.4CVSS0.00381EPSS
Exploits1References2
osv
osv
added 2024/08/05 8:12 p.m.18 views

CVE-2024-41816 WordPress Cooked Plugin Persistent Cross-Site Scripting via Shortcode

Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the ‘cooked-timer’ shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping. This vulnerability allows authenticate...

5.4CVSS5.4AI score0.00381EPSS
Exploits1References4
Rows per page
Query Builder