4 matches found
CVE-2024-9211 FULL – Cliente <= 3.1.22 - Reflected Cross-Site Scripting
The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.22. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2024-9211 FULL – Cliente <= 3.1.22 - Reflected Cross-Site Scripting
The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.22. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2024-9211
The CVE CVE-2024-9211 affects the WordPress plugin FULL – Cliente (≤ 3.1.22). It is a Reflected Cross-Site Scripting vulnerability caused by using add_query_arg and remove_query_arg without proper escaping, enabling unauthenticated attackers to inject scripts when a user is tricked into clicking ...
WordPress FULL Customer Plugin <= 3.1.22 is vulnerable to Cross Site Scripting (XSS)
Software FULL Customer Type Plugin Vulnerable versions = 3.1.22 Fixed in 3.1.23 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9211 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 199342483259 Credits vgo0 Required...