cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11727,https://securityvulnerability.io/vulnerability/CVE-2024-11727,Plugin Vulnerable to Stored Cross-Site Scripting,"The NotificationX plugin for WordPress is susceptible to a Stored Cross-Site Scripting vulnerability stemming from inadequate input sanitization and output escaping in its notification content settings. This flaw allows authenticated users with administrator-level privileges to inject arbitrary web scripts into pages, leading to execution upon user access. The vulnerability specifically affects multi-site WordPress installations and those configurations where the unfiltered_html option is disabled, potentially compromising the integrity and security of affected sites.",Wordpress,"Notificationx – Live Sales Notification, WooCommerce Sales Popup, Fomo, Social Proof, Announcement Banner & Floating Notification Top Bar",4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-12-12T06:46:32.990Z,0