CVE-2024-11201 | myCred Plugin up to 2.7.5.2 on WordPress Shortcode mycred_send cross site scripting

Posted by Angelo Barbosa | Dec 5, 2024 | CVE

A vulnerability classified as problematic was found in myCred Plugin up to 2.7.5.2 on WordPress. Affected by this vulnerability is the function mycred_send of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-11201. The attack can be launched remotely. There is no exploit available.

CVE-2024-11201 | myCred Plugin up to 2.7.5.2 on WordPress Shortcode mycred_send cross site scripting

Related Posts

CVE-2024-4343 | imartinez privategpt up to 0.3.0 SageMaker LLM Endpoint sagemaker.py complete os command injection

CVE-2024-10801 | vanquish WordPress User Extra Fields Plugin up to 16.5 on WordPress ajax_manage_file_chunk_upload unrestricted upload

CVE-2024-42748 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setWiFiWpsCfg os command injection

CVE-2024-33660 | AMI AptioV up to 5.37 SPI Flash code download