CVE-2024-49695
CVSS V2 None
CVSS V3 None
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.3.
Overview
- CVE ID
- CVE-2024-49695
- Assigner
- Patchstack
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-10-24T12:38:03.485Z
- Last Modified Date
- 2024-10-24T13:38:23.198Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://patchstack.com/database/vulnerability/wp-imageflow2/wordpress-wp-flow-plus-plugin-5-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve | vdb-entry |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-49695 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49695 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-10-25 13:28:58 | Added to TrackCVE |