CVE-2024-11381 | cesarmaeso Control horas Plugin up to 1.0.1 on WordPress Shortcode ch_registro cross site scripting

Posted by Angelo Barbosa | Nov 22, 2024 | CVE

A vulnerability has been found in cesarmaeso Control horas Plugin up to 1.0.1 on WordPress and classified as problematic. This vulnerability affects the function ch_registro of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-11381. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11381 | cesarmaeso Control horas Plugin up to 1.0.1 on WordPress Shortcode ch_registro cross site scripting

Related Posts

CVE-2024-10325 | Elementor Header & Footer Builder Plugin up to 1.6.45 on WordPress SVG File Upload cross site scripting

CVE-2024-11258 | 1000 Projects Beauty Parlour Management System 1.0 /admin/index.php username sql injection

CVE-2024-4287 | mintplex-labs anything-llm HTTP POST Request update input validation

CVE-2024-20293 | Cisco ASA/Firepower Threat Defense Software Inactive-to-Active ACL interpretation conflict (cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX)