CVE-2024-13705 | malcolm-oph StageShow Plugin up to 9.8.6 on WordPress remove_query_arg cross site scripting

Inserito da Angelo Barbosa | Gen 30, 2025 | CVE

A vulnerability was found in malcolm-oph StageShow Plugin up to 9.8.6 on WordPress. It has been rated as problematic. This issue affects the function remove_query_arg. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-13705. The attack may be initiated remotely. There is no exploit available.

CVE-2024-13705 | malcolm-oph StageShow Plugin up to 9.8.6 on WordPress remove_query_arg cross site scripting

Post correlati

CVE-2024-42195 | HCL DevOps Deploy/Launch up to 7.0.5.24/7.1.2.20/7.2.3.13/7.3.2.8/8.0.1.3 Web UI cross site scripting (KB0117908)

CVE-2024-1117 | openBI up to 1.0.8 Screen.php index fileurl code injection

CVE-2024-37110 | Membership Software WishList Member X Plugin up to 3.26.6 on WordPress information disclosure

CVE-2024-32753 | Johnson Controls Illustra Pro Gen 4 JQuery vulnerable third-party component (icsa-24-191-03)