3 matches found
CVE-2024-4749
The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2024-4749 WP eMember < 10.3.9 - Reflected XSS
The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2024-4749
The CVE-2024-4749 entry concerns the WP eMember WordPress plugin (versions before 10.3.9). The vulnerability is a Reflected XSS due to the fieldId parameter not being sanitized/escaped before echo, potentially enabling script injection in output pages. Public details confirm affected software and...