cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9613,https://securityvulnerability.io/vulnerability/CVE-2024-9613,Unauthenticated Attackers Can Trick Users into Injecting Arbitrary Web Scripts via Reflected Cross-Site Scripting,"The FormFacade plugin for Google Forms in WordPress presents a vulnerability related to reflected cross-site scripting (XSS) through the 'userId' and 'publishId' parameters. This issue arises from inadequate input sanitization and output escaping methods in all versions up to and including 1.3.6. As a result, unauthenticated attackers have the potential to exploit this vulnerability to inject arbitrary web scripts. Such scripts may execute in the context of the user’s session if the target is lured into clicking a malicious link. It is crucial for users of the affected plugin to take preventative measures, such as updating to a secure version and implementing proper web security practices.",Wordpress,Formfacade – WordPress Plugin For Google Forms,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-10-26T02:31:32.274Z,0