Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 1:49 a.m.6 views

WordPress PVN Auth Popup plugin <= 1.0.0 - Contributor+ XSS via Shortcode vulnerability

Contributor+ XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin PVN Auth Popup versions = 1.0.0...

5.4CVSS6.2AI score0.00258EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:2 p.m.8 views

CVE-2024-6718

The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.9AI score0.00258EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.6 views

CVE-2024-6718

The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS0.00258EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.16 views

CVE-2024-6718 PVN Auth Popup <= 1.0.0 - Contributor+ XSS via Shortcode

The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00258EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.26 views

CVE-2024-6718

The CVE-2024-6718 entry concerns the PVN Auth Popup WordPress plugin (versions

5.4CVSS5.9AI score0.00258EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder