cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-9609,https://securityvulnerability.io/vulnerability/CVE-2024-9609,Unauthenticated Reflected Cross-Site Scripting Vulnerability in LearnPress Export Import,"The LearnPress Export Import extension for the LearnPress plugin in WordPress is susceptible to Reflected Cross-Site Scripting due to lacking proper input sanitization and output escaping on the 'learnpress_import_form_server' parameter. This flaw affects all versions up to and including 4.0.4, allowing unauthenticated attackers to execute arbitrary web scripts within user sessions. Successful exploitation occurs when an attacker convinces a user to click on a malicious link, leading to unauthorized actions and potential data compromise within the affected web applications.",Wordpress,Learnpress Export Import – WordPress Extension For Learnpress,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-11-15T04:29:05.635Z,0