5 matches found
CVE-2024-43353
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through = 2.7.2...
CVE-2024-43353
CVE-2024-43353 corresponds to a Stored XSS in the myCred WordPress plugin (Authenticated, Contributor+ context) via improper input neutralization during page generation for versions up to 2.7.2. The connected Wordfence entry indicates this vulnerability exists and has a patched fix (patch/remedy ...
CVE-2024-43353 WordPress myCred plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through = 2.7.2...
CVE-2024-43353 WordPress myCred plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through = 2.7.2...
WordPress myCred Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS)
Software myCred Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43353 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a2faf75ac250 Credits LVT-tholv2k Required privilege Contributor...