The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Metrics
Affected Vendors & Products
References
History
Thu, 09 Jan 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-79 | |
Metrics |
cvssV3_1
|
Thu, 09 Jan 2025 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | |
Title | Backlink Monitoring Manager <= 0.1.3 - Reflected XSS | |
References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2025-01-09T06:00:05.935Z
Updated: 2025-01-09T15:18:50.514Z
Reserved: 2024-12-17T16:27:14.677Z
Link: CVE-2024-12714
Vulnrichment
Updated: 2025-01-09T15:18:43.590Z
NVD
Status : Received
Published: 2025-01-09T06:15:14.797
Modified: 2025-01-09T16:15:36.200
Link: CVE-2024-12714
Redhat
No data.