Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:13 a.m.7 views

CVE-2024-9177

The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...

6.4CVSS5.8AI score0.00376EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/26 1:54 p.m.13 views

CVE-2024-9177 Themedy Toolbox <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...

6.4CVSS5.8AI score0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/26 1:54 p.m.28 views

CVE-2024-9177 Themedy Toolbox <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedycol, themedysociallink, themedyalertbox, and themedypullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedybutton...

6.4CVSS0.00376EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/26 12:0 a.m.13 views

WordPress Themedy Toolbox Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software Themedy Toolbox Type Plugin Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9177 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 23274631c438 Credits Francesco Carlucci...

6.4CVSS5.9AI score0.00376EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder