2 matches found
CVE-2024-6020 Sign-up Sheets < 2.2.13 - Reflected XSS
The Sign-up Sheets WordPress plugin before 2.2.13 does not escape some generated URLs, as well as the $SERVER'REQUESTURI' parameter before outputting them back in attributes, which could lead to Reflected Cross-Site Scripting...
CVE-2024-6020 Sign-up Sheets < 2.2.13 - Reflected XSS
The Sign-up Sheets WordPress plugin before 2.2.13 does not escape some generated URLs, as well as the $SERVER'REQUESTURI' parameter before outputting them back in attributes, which could lead to Reflected Cross-Site Scripting...