Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 6:37 a.m.8 views

CVE-2024-8056

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS6.2AI score0.00307EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/09/12 6:0 a.m.10 views

CVE-2024-8056 MM-Breaking News <= 0.7.9 - Reflected XSS

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.2AI score0.00307EPSS
Exploits1References1
cvelist
cvelist
added 2024/09/12 6:0 a.m.26 views

CVE-2024-8056 MM-Breaking News <= 0.7.9 - Reflected XSS

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

0.00307EPSS
Exploits1References1
patchstack
patchstack
added 2024/09/12 12:0 a.m.12 views

WordPress MM-Breaking News Plugin <= 0.7.9 is vulnerable to Cross Site Scripting (XSS)

Software MM-Breaking News Type Plugin Vulnerable versions = 0.7.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8056 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f2e6bf25242a Credits Bob Matyas Required...

6.1CVSS5.7AI score0.00307EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder