Lucene search
CVE-2024-3974 BuddyPress <= 12.4.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
BuddyPress plugin allows authenticated attackers to inject arbitrary scripts via 'user_name' paramete
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | BuddyPress < 12.4.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting | 7 May 202400:00 | – | wpvulndb |
 | CVE-2024-3974 BuddyPress <= 12.4.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting | 9 May 202420:03 | – | cvelist |
 | CVE-2024-3974 | 14 May 202415:42 | – | cve |
 | WordPress BuddyPress Plugin <= 12.4.0 is vulnerable to Cross Site Scripting (XSS) | 5 May 202400:00 | – | patchstack |
 | CVE-2024-3974 | 14 May 202415:42 | – | nvd |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024) | 9 May 202416:49 | – | wordfence |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 May 2024 20:03Current
5.8Medium risk
Vulners AI Score5.8
CVSS36.4
EPSS0.00045
SSVC