CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-10815

The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.5%

CVSS Severity

CVSS v3 Score 4.2

References

https://wpscan.com/vulnerability/309a445a-6261-4bd1-bac0-a78096d0c12b/
https://wpscan.com/vulnerability/309a445a-6261-4bd1-bac0-a78096d0c12b/

Products affected by CVE-2024-10815

Reneade » Postlists » Version: Any

cpe:2.3:a:reneade:postlists:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10815

Products

Pricing

Contact Us