3 matches found
CVE-2024-7090
creationtimestamp| type| source ---|---|--- 2024-08-21 09:01:44+00:00| seen| https://t.me/cvedetector/3732...
CVE-2024-7090 LH Add Media From Url <= 1.23 - Reflected Cross-Site Scripting
The LH Add Media From Url plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘lhaddmediafromurl-fileurl’ parameter in all versions up to, and including, 1.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...
WordPress LH Add Media From Url Plugin <= 1.23 is vulnerable to Cross Site Scripting (XSS)
Software LH Add Media From Url Type Plugin Vulnerable versions = 1.23 Fixed in 1.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7090 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b062d0fb1671 Credits Piotr Kuśpit...