Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/05/19 2:22 a.m.6 views

WordPress Wordpress Clicksold IDX Plugin plugin <= 1.90 - Admin+ XSS vulnerability

Admin+ XSS vulnerability discovered by Amandeep Singh Banga in WordPress Plugin Clicksold IDX versions = 1.90...

4.8CVSS6.2AI score0.00302EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.14 views

CVE-2024-7769

The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00302EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.8 views

CVE-2024-7769 Wordpress Clicksold IDX Plugin <= 1.90 - Admin+ XSS

The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00302EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.12 views

CVE-2024-7769 Wordpress Clicksold IDX Plugin <= 1.90 - Admin+ XSS

The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00302EPSS
Exploits1References1
Rows per page
Query Builder