cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-13678,https://securityvulnerability.io/vulnerability/CVE-2024-13678,Reflected Cross-Site Scripting Vulnerability in R3W InstaFeed WordPress Plugin,"The R3W InstaFeed plugin for WordPress, up to version 1.0, contains a flaw where it fails to properly sanitize and escape an input parameter before rendering it on the webpage. This vulnerability exposes high-privilege users, including administrators, to potential reflected cross-site scripting attacks. An attacker could exploit this weakness by crafting a malicious link that, when visited by an admin, could lead to the execution of arbitrary JavaScript in the context of the site's admin interface.",WordPress,R3w Instafeed,6.1,MEDIUM,0.01,false,,false,false,true,2025-02-26T06:00:11.000Z,true,false,false,,2025-02-26T06:00:11.901Z,0