4 matches found
CVE-2024-13727
The MemberSpace WordPress plugin before 2.1.14 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2024-13727 MemberSpace – Membership Plugin and Paid Subscriptions < 2.1.14 - Reflected XSS
The MemberSpace WordPress plugin before 2.1.14 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2024-13727
CVE-2024-13727 concerns the MemberSpace WordPress plugin, affected versions prior to 2.1.14. The issue is a reflected Cross‑Site Scripting (XSS) vulnerability caused by insufficient sanitization/escaping of a parameter before output in the page. The impact, as documented, is a reflected XSS that ...
CVE-2024-13727 MemberSpace – Membership Plugin and Paid Subscriptions < 2.1.14 - Reflected XSS
The MemberSpace WordPress plugin before 2.1.14 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...