cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12731,https://securityvulnerability.io/vulnerability/CVE-2024-12731,Reflected Cross-Site Scripting Vulnerability in Aklamator INfeed Plugin for WordPress,"The Aklamator INfeed WordPress plugin, up to version 2.0.0, has a security flaw where it fails to properly sanitize and escape a certain parameter before displaying it on the web page. This vulnerability can expose high-privilege users, such as administrators, to reflected cross-site scripting attacks, potentially allowing attackers to execute arbitrary scripts in their browsers. This can lead to unauthorized actions being performed on behalf of users, highlighting the importance of applying security best practices and ensuring prompt updates to the plugin for protection.",Wordpress,Aklamator Infeed,,,0.0004299999854993075,false,,false,false,true,true,false,false,2025-01-09T06:00:08.319Z,0
CVE-2024-12717,https://securityvulnerability.io/vulnerability/CVE-2024-12717,Stored Cross-Site Scripting Vulnerability in Aklamator INfeed Plugin from Aklamator,"The Aklamator INfeed WordPress plugin, up to version 2.0.0, is susceptible to Stored Cross-Site Scripting due to improper sanitization and escaping of its settings. This vulnerability permits high privilege users, such as administrators, to conduct attacks that could lead to malicious scripts being stored and executed within the site. Such a flaw remains exploitable even when capabilities that would normally restrict HTML input, such as unfiltered_html, are disabled, posing a significant security risk in environments like multisite setups.",Wordpress,Aklamator Infeed,,,0.0004299999854993075,false,,false,false,true,true,false,false,2025-01-09T06:00:07.297Z,0