cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11607,https://securityvulnerability.io/vulnerability/CVE-2024-11607,Cross-Site Scripting Vulnerability in GTPayment Donations Plugin for WordPress,"The GTPayment Donations WordPress plugin, up to version 1.0.0, is vulnerable to Cross-Site Scripting (XSS) attacks due to a lack of proper Cross-Site Request Forgery (CSRF) checks and insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers to inject malicious scripts into the website through a CSRF exploit, which can lead to stored XSS, compromising the security of the site and its users. Administrators may unknowingly include harmful payloads, potentially leading to data theft, disruption of services, or damage to the site's integrity.",Wordpress,Gtpayment Donations,6.1,MEDIUM,0.0004299999854993075,false,,false,false,true,true,false,false,2024-12-21T06:00:06.512Z,0