CVE-2024-7356 | Zephyr Project Manager Plugin up to 3.3.100 on WordPress filename cross site scripting

Posted by Angelo Barbosa | Aug 3, 2024 | CVE

A vulnerability was found in Zephyr Project Manager Plugin up to 3.3.100 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument filename leads to cross site scripting.

This vulnerability is known as CVE-2024-7356. The attack can be launched remotely. There is no exploit available.

CVE-2024-7356 | Zephyr Project Manager Plugin up to 3.3.100 on WordPress filename cross site scripting

Related Posts

CVE-2024-2410 | protocolbuffers protobuf up to 4.24.x JsonToBinaryStream use after free

CVE-2024-1064 | Arcadia Technology Crafty Controller up to 4.2.2 HTTP Host http headers for scripting syntax (Issue 327)

CVE-2024-40544 | Sanluan PublicCMS 4.0.202302.e edit server-side request forgery

CVE-2023-32888 | MediaTek MT6990 Modem IMS Call UA denial of service (MOLY01161830)