cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12412,https://securityvulnerability.io/vulnerability/CVE-2024-12412,Stored Cross-Site Scripting Vulnerability in WpRently Plugin for WooCommerce by WordPress,"The WpRently plugin for WordPress, used for managing rentals and bookings with WooCommerce integration, is susceptible to a Stored Cross-Site Scripting vulnerability. This issue arises from insufficient input sanitization and output escaping related to the 'active_tab' parameter. Attackers without authentication can exploit this vulnerability to inject arbitrary web scripts into pages, which will execute when users access these compromised pages. This can lead to unauthorized access and manipulation of user data, highlighting the urgent need for addressing this security flaw in all versions up to and including 2.2.1.",Wordpress,"Rental And Booking Manager For Bike, Car, Dress, Resort With WooCommerce Integration – WPrently | WordPress Plugin",6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-11T07:21:53.135Z,0