CVE-2024-12809 | pickplugins Wishlist Plugin up to 1.0.43 on WordPress Shortcode wishlist_button cross site scripting

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability was found in pickplugins Wishlist Plugin up to 1.0.43 on WordPress. It has been classified as problematic. Affected is the function wishlist_button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-12809. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-12809 | pickplugins Wishlist Plugin up to 1.0.43 on WordPress Shortcode wishlist_button cross site scripting

Post correlati

CVE-2024-45479 | Apache Ranger 2.4.x Edit Service Page server-side request forgery

CVE-2024-33642 | EkoJR Advanced Post List Plugin up to 0.5.6.1 on WordPress cross site scripting

CVE-2024-35349 | Diño Physics School Assistant 2.3 view_category.php id sql injection

CVE-2024-50570 | Fortinet FortiClientMac/FortiClientLinux/FortiClientWindows cleartext storage (FG-IR-23-278)