cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-4944,https://securityvulnerability.io/vulnerability/CVE-2023-4944,Stored Cross-Site Scripting in Awesome Weather Widget for WordPress,"The Awesome Weather Widget for WordPress plugin is vulnerable to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping on attributes of the 'awesome-weather' shortcode. This flaw allows authenticated attackers, holding contributor-level permissions or higher, to inject malicious web scripts that execute when users access compromised pages, potentially leading to severe security consequences.",Wordpress,Awesome Weather Widget,5.4,MEDIUM,0.0007200000109151006,false,,false,false,false,,false,false,2023-09-14T03:15:00.000Z,0
CVE-2021-24474,https://securityvulnerability.io/vulnerability/CVE-2021-24474,Awesome Weather Widget <= 3.0.2 - Reflected Cross-site Scripting (XSS),"The Awesome Weather Widget WordPress plugin through 3.0.2 does not sanitize the id parameter of its awesome_weather_refresh AJAX action, leading to an unauthenticated Reflected Cross-Site Scripting (XSS) Vulnerability.",Wordpress,Awesome Weather Widget,6.1,MEDIUM,0.0006200000061653554,false,,false,false,false,,false,false,2021-08-02T10:32:15.000Z,0