CVE-2024-0905 – The Fancy Product Designer WordPress plugin before 6.1.8 does not sanitise and escape a …

26 April 2024

Vuln ID: CVE-2024-0905

Published: 2024-04-26 05:15:49.907

Description: The Fancy Product Designer WordPress plugin before 6.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against unauthenticated and admin-level users

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

26 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Australia News live: Electric Fields crash out of Eurovision semi-final; half of NSW threatened species face extinction7 May 2024
#RSAC: Two-Thirds of Organizations Failing to Address AI Risks, ISACA Finds7 May 2024
Watch out for rogue DHCP servers decloaking your VPN connections7 May 2024
Major UK Security Provider Leaks Trove of Guard and Suspect Data7 May 2024
RSAC: Decoding US Government Plans to Shift the Software Security Burden7 May 2024