Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.7 views

CVE-2024-6018

The Music Request Manager WordPress plugin through 1.3 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.3AI score0.00307EPSS
Exploits1
Cvelist
Cvelist
added 2024/09/12 6:0 a.m.20 views

CVE-2024-6018 Music Request Manager <= 1.3 - Reflected XSS

The Music Request Manager WordPress plugin through 1.3 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.00307EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/12 6:0 a.m.14 views

CVE-2024-6018 Music Request Manager <= 1.3 - Reflected XSS

The Music Request Manager WordPress plugin through 1.3 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.2AI score0.00307EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/08/27 12:0 a.m.10 views

WordPress Music Request Manager Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Music Request Manager Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6018 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 864294ddb006 Credits Bob Matyas...

6.1CVSS5.8AI score0.00307EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder