Vulnerability Details CVE-2024-37422
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Progress Planner Progress Planner progress-planner.This issue affects Progress Planner: from n/a through <= 0.9.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 5.9
References
- https://patchstack.com/database/Wordpress/Plugin/progress-planner/vulnerability/wordpress-progress-planner-plugin-0-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/progress-planner/wordpress-progress-planner-plugin-0-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Products affected by CVE-2024-37422
-
cpe:2.3:a:emilia:progress_planner:-
-
cpe:2.3:a:emilia:progress_planner:0.9
-
cpe:2.3:a:emilia:progress_planner:0.9.1
-
cpe:2.3:a:emilia:progress_planner:0.9.2