CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dcurasi: Security Vulnerabilities

CVE-2024-13849

The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVSS Score

5.5

EPSS Score

0.0

Published

2025-02-20

CVE-2024-37522

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dario Curasì CC & BCC for Woocommerce Order Emails allows Stored XSS.This issue affects CC & BCC for Woocommerce Order Emails: from n/a through 1.4.1.

CVSS Score

5.9

EPSS Score

0.001

Published

2024-07-21

Page 1

Vulnerabilities

Vulnerable Software

Dcurasi: Security Vulnerabilities

Products

Pricing

Contact Us