CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-6668

The ProfilePro WordPress plugin through 1.3 does not sanitise and escape some parameters and lacks proper access controls, which could allow users with a role as low as subscriber to perform Cross-Site Scripting attacks

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.0%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/8faf1409-44e6-4ebf-9a68-b5f93a5295e9/
https://wpscan.com/vulnerability/8faf1409-44e6-4ebf-9a68-b5f93a5295e9/

Products affected by CVE-2024-6668

Wpproking » Profilepro » Version: Any

cpe:2.3:a:wpproking:profilepro:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6668

Products

Pricing

Contact Us