Lucene search
+L

4 matches found

Circl
Circl
added 2025/01/18 6:4 a.m.6 views

CVE-2024-9020

creationtimestamp| type| source ---|---|--- 2025-01-18 06:04:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113847844465944239 2025-01-18 06:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfynunogad2w 2025-01-18 06:34:13+00:00| seen|...

5.4CVSS7.3AI score0.00313EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/01/18 6:0 a.m.9 views

CVE-2024-9020 List category posts < 0.90.3 - Author+ Stored XSS

The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4AI score0.00313EPSS
Exploits1References1
CVE
CVE
added 2025/01/18 6:0 a.m.52 views

CVE-2024-9020

The CVE-2024-9020 entry affects the WordPress plugin List category posts, specifically versions prior to 0.90.3. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient validation/escaping of shortcode attributes, which can allow users with Contributor+ privileges to ...

5.4CVSS5.9AI score0.00313EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/18 6:0 a.m.9 views

CVE-2024-9020 List category posts < 0.90.3 - Author+ Stored XSS

The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS7.2AI score0.00313EPSS
Exploits1References3
Rows per page
Query Builder