Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through...
7.1CVSS
6.7AI Score
0.0004EPSS
The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the βrequestβ parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to.....
6.1CVSS
6.4AI Score
0.001EPSS
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'acfe_form' shortcode in versions up to, and including, 0.8.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
6.4CVSS
5.2AI Score
0.001EPSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <= 1.0.3...
5.9CVSS
4.8AI Score
0.0004EPSS