CVE-2024-12474 | GeoDataSource Country Region DropDown Plugin up to 1.0.1 on WordPress Shortcode gds-country-dropdown cross site scripting

Posted by Angelo Barbosa | Dec 14, 2024 | CVE

A vulnerability was found in GeoDataSource Country Region DropDown Plugin up to 1.0.1 on WordPress and classified as problematic. This issue affects the function gds-country-dropdown of the component Shortcode Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-12474. The attack may be initiated remotely. There is no exploit available.

CVE-2024-12474 | GeoDataSource Country Region DropDown Plugin up to 1.0.1 on WordPress Shortcode gds-country-dropdown cross site scripting

Related Posts

CVE-2024-4296 | HGiga iSherlock prior 4.5-149/5.5-149 Account Management Interface path traversal

CVE-2024-11999 | Schneider Electric Harmony HMISTO7 Pro-Face Blue Runtime unmaintained third party components (SEVD-2024-345-02)

CVE-2024-33149 | J2EEFAST 2.7.0 myProcessList sql_filter sql injection

CVE-2024-4763 | Lenovo Display Control Center prior 3.0.29082.0 default permission