CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-8703

The Z-Downloads WordPress plugin before 1.11.6 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated visitors to perform Cross-Site Scripting attacks when accessing share URLs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.8%

CVSS Severity

CVSS v3 Score 6.1

References

https://wpscan.com/vulnerability/604e990e-9bec-469e-8630-605eea74e12c/

Products affected by CVE-2024-8703

Urbanbase » Z-Downloads » Version: 1.0.0

cpe:2.3:a:urbanbase:z-downloads:1.0.0
Urbanbase » Z-Downloads » Version: 1.0.1

cpe:2.3:a:urbanbase:z-downloads:1.0.1
Urbanbase » Z-Downloads » Version: 1.1.0

cpe:2.3:a:urbanbase:z-downloads:1.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8703

Products

Pricing

Contact Us