Lucene search
+L

6 matches found

NVD
NVD
added 2024/11/09 3:15 p.m.15 views

CVE-2024-51603

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...

6.5CVSS0.00248EPSS
Exploits0References1
Circl
Circl
added 2024/11/09 2:32 p.m.8 views

CVE-2024-51603

creationtimestamp| type| source ---|---|--- 2024-11-09 14:32:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113453480890896239 2024-11-09 17:16:31+00:00| seen| https://t.me/cvedetector/10397...

6.5CVSS4.8AI score0.00248EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/09 2:30 p.m.16 views

CVE-2024-51603 WordPress NMR Strava activities plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/09 2:30 p.m.31 views

CVE-2024-51603 WordPress NMR Strava activities plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...

6.5CVSS0.00248EPSS
Exploits0References1
CVE
CVE
added 2024/11/09 2:30 p.m.70 views

CVE-2024-51603

CVE-2024-51603 affects the WordPress plugin NMR Strava activities up to version 1.0.6. It is a DOM-based XSS caused by improper input neutralization during page generation. Exploitation details are not provided in the documents; success could lead to attacker-supplied script executing in a victim...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.18 views

WordPress NMR Strava activities Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software NMR Strava activities Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51603 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e4915bebbc1d Credits SOPROBRO Required privilege...

6.5CVSS6.9AI score0.00248EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder