cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8662,https://securityvulnerability.io/vulnerability/CVE-2024-8662,Arbitrary Web Script Injection Vulnerability in Koko Analytics Plugin,"The Koko Analytics plugin for WordPress is susceptible to a serious security flaw that allows for Reflected Cross-Site Scripting attacks. This vulnerability arises from the improper use of the add_query_arg function without appropriate URL escaping. Attackers can exploit this flaw by tricking an unsuspecting user into clicking a malicious link, potentially leading to arbitrary web script execution in the user's context. This issue affects all versions of the plugin up to and including version 1.3.12, rendering a significant number of WordPress installations at risk. Regular updates and security best practices are essential to mitigate the risk associated with this vulnerable plugin.",Wordpress,Koko Analytics,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-24T01:56:47.604Z,0