Lucene search
+L

5 matches found

circl
circl
added 2024/11/19 12:51 p.m.10 views

CVE-2024-9777

creationtimestamp| type| source ---|---|--- 2024-11-19 12:51:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113509707155589232 2024-11-19 15:08:17+00:00| seen| https://t.me/cvedetector/11449...

6.1CVSS8.7AI score0.00383EPSS
Exploits0References2
cve
cve
added 2024/11/19 12:45 p.m.52 views

CVE-2024-9777

CVE-2024-9777 (Ashe theme for WordPress) is a Reflected Cross‑Site Scripting issue caused by insufficient escaping of add_query_arg usage in all versions up to 2.243. The vulnerability allows unauthenticated attackers to inject scripts into pages that execute when a user is enticed to perform an ...

6.1CVSS6AI score0.00383EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2024/11/19 12:45 p.m.30 views

CVE-2024-9777 Ashe <= 2.243 - Reflected Cross-Site Scripting via add_query_arg Parameter

The Ashe theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.243. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execut...

6.1CVSS6.4AI score0.00383EPSS
Exploits0References5
cvelist
cvelist
added 2024/11/19 12:45 p.m.23 views

CVE-2024-9777 Ashe <= 2.243 - Reflected Cross-Site Scripting via add_query_arg Parameter

The Ashe theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.243. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execut...

6.1CVSS0.00383EPSS
Exploits0References5
patchstack
patchstack
added 2024/11/19 12:0 a.m.22 views

WordPress Ashe Theme <= 2.243 is vulnerable to Cross Site Scripting (XSS)

Software Ashe Type Theme Vulnerable versions = 2.243 Fixed in 2.244 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9777 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1ba0e6cd8ae8 Credits vgo0 Required privilege...

6.1CVSS5.9AI score0.00383EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder