CVE-2024-8914 | haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress wp_kses_allowed_html onclick cross site scripting

Inserito da Angelo Barbosa | Set 24, 2024 | CVE

A vulnerability has been found in haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress and classified as problematic. This vulnerability affects the function wp_kses_allowed_html. The manipulation of the argument onclick leads to cross site scripting.

This vulnerability was named CVE-2024-8914. The attack can be initiated remotely. There is no exploit available.

CVE-2024-8914 | haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress wp_kses_allowed_html onclick cross site scripting

Post correlati

CVE-2024-36075 | Netwrix CoSoSys Endpoint Protector/CoSoSys Unify Application Configuration improper authentication

CVE-2024-25850 | Netis WF2780 2.1.40144 wps_ap_ssid5g command injection

CVE-2024-39426 | Adobe Acrobat Reader out-of-bounds (apsb24-57)

CVE-2024-24990 | F5 NGINX Plus/NGINX Open Source QUIC Module use after free (K000138445)