cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11781,https://securityvulnerability.io/vulnerability/CVE-2024-11781,Stored XSS Vulnerability in Smart Agenda Plugin,"The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress has a vulnerability that allows for Stored Cross-Site Scripting due to inadequate input validation and output escaping on user-supplied attributes in its 'smartagenda' shortcode. This flaw enables authenticated attackers, such as users with contributor-level access and above, to inject arbitrary web scripts into web pages. When users access a page containing these injected scripts, their browsers may execute the malicious code, potentially compromising site integrity and user data.",Wordpress,Smart Agenda – Prise De Rendez-vous En Ligne,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-12-12T05:24:19.358Z,0