8 matches found
WordPress Custom 404 Pro Plugin <= 3.11.1 is vulnerable to Cross Site Scripting (XSS)
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.11.1 Fixed in 3.11.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39646 Patch priority Medium CVSS severity Medium 7.1 Developer Kunal Nagar PSID 69ef67e4f21c Credits Dimas Maulana Required privilege...
CVE-2023-51540 WordPress Custom 404 Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Stored XSS.This issue affects Custom 404 Pro: from n/a through 3.10.0...
WordPress Custom 404 Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.10.0 Fixed in 3.10.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51540 Patch priority Medium CVSS severity Medium 7.1 Developer Kunal Nagar PSID ae8e6b89c98e Credits Kyle Sanchez Required privilege...
WordPress Custom 404 Pro Plugin < 3.8.1 is vulnerable to SQL Injection
Software Custom 404 Pro Type Plugin Vulnerable versions 3.8.1 Fixed in 3.8.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2032 Patch priority Low CVSS severity Low 7.6 Developer Kunal Nagar PSID a690a7cf2a89 Credits Alex Sanford Required privilege Administrator Published 2...
WordPress Custom 404 Pro Plugin <= 3.8.1 is vulnerable to Cross Site Scripting (XSS)
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.8.1 Fixed in 3.8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32740 Patch priority Medium CVSS severity Medium 5.8 Developer Kunal Nagar PSID 5d146d112b61 Credits LEE SE HYOUNG...
WordPress Custom 404 Pro Plugin <= 3.7.2 is vulnerable to SQL Injection
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.2 Fixed in 3.7.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority High CVSS severity High 9.8 Developer Kunal Nagar PSID dfc722040ecc Credits N/A Required privilege Unauthenticated Published 25 April, 2023...
WordPress Custom 404 Pro Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0385 Patch priority Low CVSS severity Low 5.4 Developer Kunal Nagar PSID a124f27371a3 Credits Marco Wotschka Required...
WordPress Custom 404 Pro Plugin <= 3.7.0 is vulnerable to SQL Injection
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47605 Patch priority Low CVSS severity Low 8.3 Developer Kunal Nagar PSID 960f40facc61 Credits minhtuanact Required privilege Administrator Published...