cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-9777,https://securityvulnerability.io/vulnerability/CVE-2024-9777,Unsecured URL Injection Vulnerability in Ashe Theme (maximum severity rating: 7.5),"The Ashe theme for WordPress has a vulnerability that allows for Reflected Cross-Site Scripting due to improper handling of URLs using the add_query_arg function without necessary escaping. This issue impacts all versions up to and including 2.243. Attackers can exploit this vulnerability to inject arbitrary JavaScript payloads into web pages, which may execute when a user is tricked into clicking on a malicious link. This can lead to session hijacking, phishing attacks, and other malicious activities, highlighting the importance of updates and secure coding practices.",Wordpress,Ashe,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-11-19T12:45:33.062Z,0