Lucene search
+L

4 matches found

patchstack
patchstack
added 2024/07/15 12:0 a.m.16 views

WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5713 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f3d046f23273...

5.4CVSS5.7AI score0.00353EPSS
Exploits1References4Affected Software1
osv
osv
added 2024/07/13 6:15 a.m.2 views

CVE-2024-5713

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

5.4CVSS5.8AI score0.00353EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/07/13 6:0 a.m.11 views

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.4AI score0.00353EPSS
Exploits1References1
cvelist
cvelist
added 2024/07/13 6:0 a.m.31 views

CVE-2024-5713 if-so < 1.8.0.4 - Reflected XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.00353EPSS
Exploits1References1
Rows per page
Query Builder