2 matches found
WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Cross Site Scripting (XSS)
Software System Dashboard Type Plugin Vulnerable versions 2.8.15 Fixed in 2.8.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11107 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 948953d35f1c Credits Dogus Demirkiran...
PT-2024-37725
Name of the Vulnerable Software and Affected Versions Campaign Monitor for WordPress plugin for WordPress versions up to, and including, 2.8.15 Description The issue is due to the plugin not properly restricting direct access to "/forms/views/admin/create.php" and display errors being enabled. Th...