2 matches found
CVE-2024-8786 Auto Featured Image from Title <= 2.3 - Reflected Cross-Site Scripting
The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.3. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress Auto Featured Image from Title Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software Auto Featured Image from Title Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8786 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2889e0c9e9d2 Credits vgo0...