2 matches found
WordPress Contact Form 7 Plugin <= 5.9 is vulnerable to Cross Site Scripting (XSS)
Software Contact Form 7 Type Plugin Vulnerable versions = 5.9 Fixed in 5.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2242 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5d34f7907f9a Credits Asaf Mozes Required...
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
User credential disclosure in ManageEngine DeviceExpert 5.9 Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Background on the affected product: "DeviceExpert is a web–based, multi vendor network...