CVE-2024-33918

2024-05-0300:00:00

ubuntu.com

cross-site scripting

maxim k

ajax

stored xss

security vulnerability

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site
Scripting’) vulnerability in Maxim K AJAX Login and Registration modal
popup + inline form allows Stored XSS.This issue affects AJAX Login and
Registration modal popup + inline form: from n/a through 2.23.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchform< anyUNKNOWN
ubuntu20.04noarchform< anyUNKNOWN
ubuntu22.04noarchform< anyUNKNOWN
ubuntu23.10noarchform< anyUNKNOWN
ubuntu24.04noarchform< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	form	< any	UNKNOWN
ubuntu	20.04	noarch	form	< any	UNKNOWN
ubuntu	22.04	noarch	form	< any	UNKNOWN
ubuntu	23.10	noarch	form	< any	UNKNOWN
ubuntu	24.04	noarch	form	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2024-33918

nvd.nist.gov/vuln/detail/CVE-2024-33918

patchstack.com/database/vulnerability/ajax-login-and-registration-modal-popup/wordpress-ajax-login-and-registration-modal-popup-inline-form-plugin-2-23-cross-site-scripting-xss-vulnerability?_s_id=cve

security-tracker.debian.org/tracker/CVE-2024-33918

www.cve.org/CVERecord?id=CVE-2024-33918