CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50440

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.5%

CVSS Severity

CVSS v3 Score 6.5

References

https://patchstack.com/database/vulnerability/codepen-embedded-pen-shortcode/wordpress-codepen-embedded-pens-shortcode-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Products affected by CVE-2024-50440

Codepen » Codepen » Version: N/A

cpe:2.3:a:codepen:codepen:-
Codepen » Codepen » Version: 0.1

cpe:2.3:a:codepen:codepen:0.1
Codepen » Codepen » Version: 0.2

cpe:2.3:a:codepen:codepen:0.2
Codepen » Codepen » Version: 0.3

cpe:2.3:a:codepen:codepen:0.3
Codepen » Codepen » Version: 0.4

cpe:2.3:a:codepen:codepen:0.4
Codepen » Codepen » Version: 0.5

cpe:2.3:a:codepen:codepen:0.5
Codepen » Codepen » Version: 0.6

cpe:2.3:a:codepen:codepen:0.6
Codepen » Codepen » Version: 0.7

cpe:2.3:a:codepen:codepen:0.7
Codepen » Codepen » Version: 0.7.1

cpe:2.3:a:codepen:codepen:0.7.1
Codepen » Codepen » Version: 0.8

cpe:2.3:a:codepen:codepen:0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50440

Products

Pricing

Contact Us