CVE-2024-6074 in wp-cart-for-digital-products Plugininformação

Sumário

de MITRE • 15/07/2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsável

WPScan

Reservar

17/06/2024

Divulgação

15/07/2024

Moderação

aceite

Entrada

VDB-271481

CPE

pronto

EPSS

0.00336

KEV

não

Atividades

muito baixo

Fontes

Do you know our Splunk app?

Download it now for free!