2 matches found
CVE-2024-9375
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 4.0.36. This makes it possible for unauthenticated attackers to inject...
PT-2024-39193 · WordPress · Kodex Posts Likes Plugin
Name of the Vulnerable Software and Affected Versions: Kodex Posts likes plugin for WordPress versions up to, and including, 2.5.0 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web scripts int...