Lucene search
K

6 matches found

Exploit DB
Exploit DB
added 2025/04/06 12:0 a.m.195 views

Reservit Hotel 2.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Reservit Hotel Content 3. Add the following payload to the Button text French field sane save: " style=animation-name:rotation onanimationstart=alert/XSS/// 4. The XSS will trigger upon saving and when any user will access the content dashboard again References:...

4.8CVSS7.1AI score0.00823EPSS
Exploits3
Circl
Circl
added 2025/03/07 10:35 a.m.7 views

CVE-2024-9458

creationtimestamp| type| source ---|---|--- 2025-03-07 10:35:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6826 2025-03-07 12:25:40+00:00| seen| https://t.me/cvedetector/19803 2025-03-07 14:05:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljs6huat622f 2025-03-08...

4.8CVSS5.7AI score0.00823EPSS
Exploits3References3
NVD
NVD
added 2025/03/07 10:15 a.m.16 views

CVE-2024-9458

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00823EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/03/07 9:38 a.m.12 views

CVE-2024-9458 Reservit Hotel < 3.0 - Admin+ Stored XSS

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00823EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2025/03/07 9:38 a.m.10 views

CVE-2024-9458 Reservit Hotel < 3.0 - Admin+ Stored XSS

The Reservit Hotel WordPress plugin before 3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00823EPSS
Exploits3References1
CVE
CVE
added 2025/03/07 9:38 a.m.57 views

CVE-2024-9458

CVE-2024-9458 concerns the Reservit Hotel WordPress plugin, affected versions prior to 3.0. The root cause is failure to adequately sanitize and escape certain settings, which can permit stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, including multisite...

4.8CVSS5.8AI score0.00823EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder