Lucene search
K

4 matches found

OSV
OSV
added 2025/02/18 5:15 a.m.4 views

CVE-2024-13848

The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...

4.8CVSS5.9AI score0.00232EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/18 4:21 a.m.23 views

CVE-2024-13848 Reaction Buttons <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...

5.5CVSS0.00232EPSS
Exploits0References2
CVE
CVE
added 2025/02/18 4:21 a.m.53 views

CVE-2024-13848

The CVE-2024-13848 entry concerns the Reaction Buttons WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability exploitable via admin settings, due to insufficient input sanitization and output escaping in versions up to 2.1.6. Exploitation requires administrator-level per...

5.5CVSS5.8AI score0.00232EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/18 4:21 a.m.7 views

CVE-2024-13848 Reaction Buttons <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...

5.5CVSS5.8AI score0.00232EPSS
Exploits0References2
Rows per page
Query Builder