WordPress myCred Plugin <= 2.7.4 is vulnerable to Cross Site Scripting (XSS)

Software myCred Type Plugin Vulnerable versions = 2.7.4 Fixed in 2.7.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10187 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d524bf2c1bdb Credits Peter Thaleikis Required privile...

WordPress myCred Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS)

Software myCred Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47853 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7a775c0398b7 Credits Khalid Yusuf Required privilege Contributor...

WordPress myCred Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software myCred Type Plugin Vulnerable versions = 2.5 Fixed in 2.5.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35096 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 50793719ef32 Credits István Márton Required privile...