CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-8056

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.4%

CVSS Severity

CVSS v3 Score 6.1

References

https://wpscan.com/vulnerability/203b8122-f1e5-4e9e-ba83-f5cd59d8a289/

Products affected by CVE-2024-8056

Mm-Breaking News Project » Mm-Breaking News » Version: Any

cpe:2.3:a:mm-breaking_news_project:mm-breaking_news:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8056

Products

Pricing

Contact Us