CVE-2024-10164 | codename065 Premium Packages Plugin up to 5.9.3 on WordPress Shortcode wpdmpp_pay_link cross site scripting

Inserito da Angelo Barbosa | Nov 21, 2024 | CVE

A vulnerability was found in codename065 Premium Packages Plugin up to 5.9.3 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function wpdmpp_pay_link of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-10164. The attack can be launched remotely. There is no exploit available.

CVE-2024-10164 | codename065 Premium Packages Plugin up to 5.9.3 on WordPress Shortcode wpdmpp_pay_link cross site scripting

Post correlati

CVE-2024-2377 | Hitachi Energy SDM600 prior 1.3.4.572 HTTP Response Header origin validation

CVE-2024-8869 | TOTOLINK A720R 4.1.5 exportOvpn os command injection

CVE-2024-2813 | Tenda AC15 15.03.20_multi fast_setting_wifi_set form_fast_setting_wifi_set ssid stack-based overflow

CVE-2024-47194 | Siemens ModelSim/Questa prior 2024.3 vish2.exe uncontrolled search path (ssa-426509)