CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-3048

The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v3 Score 5.5

References

https://wpscan.com/vulnerability/e179ff7d-137c-48bf-8b18-e874e3f876f4/
https://wpscan.com/vulnerability/e179ff7d-137c-48bf-8b18-e874e3f876f4/

Products affected by CVE-2024-3048

Web Lid » Bannerlid » Version: Any

cpe:2.3:a:web_lid:bannerlid:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3048

Products

Pricing

Contact Us