cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9938,https://securityvulnerability.io/vulnerability/CVE-2024-9938,Unauthenticated Cross-Site Scripting Vulnerability in MailPoet Bounce Handler,"The Bounce Handler MailPoet 3 plugin for WordPress has a vulnerability that allows for Reflected Cross-Site Scripting through the 'page' parameter. This issue arises from a lack of sufficient input sanitization and output escaping, exposing users to risks where malicious actors can inject arbitrary web scripts. If a user is deceived into clicking on a manipulated link, the malicious script executes within their browser session, potentially compromising sensitive information or allowing further attacks.",Wordpress,Bounce Handler Mailpoet 3,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-11-16T03:20:51.155Z,0