cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11202,https://securityvulnerability.io/vulnerability/CVE-2024-11202,WordPress Plugins Vulnerable to Reflected Cross-Site Scripting,Multiple plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the cminds_free_guide shortcode in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.,Wordpress,"Cm WordPress Search And Replace Plugin,Video Lessons Manager – WordPress Lms Plugin,Cm Tooltip Glossary,Cm Pop-up Banners For WordPress,Cm Header & Footer Script Loader – Insert Script Plugin,Name: Cm E-mail Registration Blacklist,Cm Business Directory Plugin – Business Listing Directory",6.1,MEDIUM,0.0009200000204145908,false,,false,false,false,,false,false,2024-11-26T07:31:31.790Z,0
CVE-2024-4086,https://securityvulnerability.io/vulnerability/CVE-2024-4086,Cross-Site Request Forgery Vulnerability in CM Tooltip Glossary Plugin,"The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the plugin's settings or reset them via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",Wordpress,Cm Tooltip Glossary,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-02T16:52:51.436Z,0
CVE-2021-24678,https://securityvulnerability.io/vulnerability/CVE-2021-24678,CM Tooltip Glossary < 3.9.21 - Contributor+ Stored Cross-Site Scripting,"The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks",Wordpress,Cm Tooltip Glossary – Better Seo And Uex For Your WP Site,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2021-10-04T11:20:21.000Z,0