CVE-2024-8914 | haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress wp_kses_allowed_html onclick cross site scripting

Posted by Angelo Barbosa | Sep 24, 2024 | CVE

A vulnerability has been found in haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress and classified as problematic. This vulnerability affects the function wp_kses_allowed_html. The manipulation of the argument onclick leads to cross site scripting.

This vulnerability was named CVE-2024-8914. The attack can be initiated remotely. There is no exploit available.

CVE-2024-8914 | haibasoft Thanh Toán Quét Mã QR Code Tự Động Plugin up to 2.0.1 on WordPress wp_kses_allowed_html onclick cross site scripting

Related Posts

CVE-2024-29906 | realmag777 WordPress Meta Data and Taxonomies Filter Plugin up to 1.3.2 on WordPress cross site scripting

CVE-2024-35349 | Diño Physics School Assistant 2.3 view_category.php id sql injection

CVE-2024-25674 | MISP up to 2.4.183 Organisation Logo Upload unrestricted upload

CVE-2024-29986 | Microsoft Edge prior 124.0.2478.51 on Android unknown vulnerability