CVE-2024-12524 | Clinked Client Portal Plugin up to 1.9 on WordPress Shortcode clinked-login-button cross site scripting

Posted by Angelo Barbosa | Jan 30, 2025 | CVE

A vulnerability was found in Clinked Client Portal Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function clinked-login-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2024-12524. The attack may be launched remotely. There is no exploit available.

CVE-2024-12524 | Clinked Client Portal Plugin up to 1.9 on WordPress Shortcode clinked-login-button cross site scripting

Related Posts

CVE-2024-10292 | ZZCMS 2023 ChangeTable.php savefilename unrestricted upload

CVE-2023-40301 | NetScout nGeniusPULSE 3.8 command injection

CVE-2024-6540 | OTRS up to 8.0.x/2023.x/2024.4.x Ticket improper filtering of special elements

CVE-2022-45169 | Livebox Collaboration vDesk up to 031 Push Notification createnotification redirect