CVE-2024-5744 in wp-eMember Plugininformação

Sumário

de MITRE • 13/07/2024

The wp-eMember WordPress plugin before 10.6.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

WPScan

Reservar

07/06/2024

Divulgação

13/07/2024

Moderação

aceite

Entrada

VDB-271443

CPE

pronto

EPSS

0.00430

KEV

não

Atividades

muito baixo

Fontes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!