CVE-2024-10815 | PostLists Plugin up to 2.0.2 on WordPress $_SERVER[‘REQUEST_URI’] cross site scripting

Posted by Angelo Barbosa | Jan 9, 2025 | CVE

A vulnerability, which was classified as problematic, was found in PostLists Plugin up to 2.0.2 on WordPress. Affected is an unknown function. The manipulation of the argument $_SERVER[‘REQUEST_URI’] leads to cross site scripting.

This vulnerability is traded as CVE-2024-10815. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-10815 | PostLists Plugin up to 2.0.2 on WordPress $_SERVER[‘REQUEST_URI’] cross site scripting

Related Posts

CVE-2024-2561 | 74CMS 3.28.0 Company Logo Index.php#sendCompanyLogo imgBase64 unrestricted upload

CVE-2024-33304 | SourceCodester Product Show Room 1.0 Add Users Last Name cross site scripting

CVE-2024-23739 | Discord up to 0.0.291 on macOS Setting RunAsNode/enableNodeClilnspectArguments Privilege Escalation

CVE-2024-39251 | ThundeRobot Control Center 2.0.0.10 IOCTL Request ControlCenter64.sys information disclosure