cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2016-15041,https://securityvulnerability.io/vulnerability/CVE-2016-15041,Stored Cross-Site Scripting Vulnerability in MainWP Dashboard,"The MainWP Dashboard plugin for WordPress is affected by a Stored Cross-Site Scripting vulnerability that emerges from inadequate input sanitization and output escaping. This flaw involves the 'mwp_setup_purchase_username' parameter, allowing unauthenticated users to inject malicious web scripts. When users access compromised pages, these scripts execute, potentially leading to unauthorized actions and exposure of sensitive information. Users of MainWP Dashboard versions up to 3.1.2 are urged to review and implement appropriate security measures to mitigate risks associated with this vulnerability.",Wordpress,MainWP Dashboard: WordPress Management Without The Saas,7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-10-16T06:43:40.321Z,0