cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-13422,https://securityvulnerability.io/vulnerability/CVE-2024-13422,Reflected Cross-Site Scripting Vulnerability in SEO Blogger to WordPress Migration Plugin,"The SEO Blogger to WordPress Migration using 301 Redirection plugin is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability. This issue arises from inadequate input sanitization and output escaping in the 'url' parameter across all versions up to and including 0.4.8. As a result, unauthenticated attackers may exploit this vulnerability to inject malicious scripts into web pages. If a user unwittingly clicks on a specially crafted link, these scripts could be executed in the context of their browser session, potentially compromising user data and session integrity.",Wordpress,Seo Blogger To WordPress Migration Using 301 Redirection,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-23T11:13:28.888Z,0
CVE-2024-10645,https://securityvulnerability.io/vulnerability/CVE-2024-10645,Blind Time-Based SQL Injection Vulnerability Affects Blogger Plugin,"The Blogger 301 Redirect plugin for WordPress is subject to a vulnerability that allows blind time-based SQL injection through improper handling of the ‘br’ parameter. This vulnerability exists in all versions up to and including 2.5.3 due to insufficient escaping of user-supplied parameters and lack of adequate preparation in the SQL queries. An attacker, without needing authentication, can potentially manipulate the SQL queries, paving the way for unauthorized access to sensitive database information. Website administrators are urged to apply the appropriate updates to mitigate this risk.",Wordpress,Blogger 301 Redirect,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,2024-11-16T08:35:38.355Z,0