8 matches found
CVE-2024-10623
The ForumEngine theme for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
WordPress ForumEngine theme <= 1.8 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by rajanhoyr in WordPress Theme ForumEngine versions = 1.8...
CVE-2024-10623
The ForumEngine theme for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-10623 ForumEngine <= 1.8 - Reflected Cross-Site Scripting
The ForumEngine theme for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-10623 ForumEngine <= 1.8 - Reflected Cross-Site Scripting
The ForumEngine theme for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
CVE-2024-10623
CVE-2024-10623 (ForumEngine Theme
WordPress plugin ForumEngine 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress ForumEngine Theme <= 1.8 is vulnerable to Cross Site Scripting (XSS)
Software ForumEngine Type Theme Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10623 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4119169dab6d Credits rajanhoyr Required privile...