cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-13329,https://securityvulnerability.io/vulnerability/CVE-2024-13329,Reflected Cross-Site Scripting Vulnerability in Solidres WordPress Plugin,"The Solidres plugin for WordPress, up to version 0.9.4, is vulnerable to reflected cross-site scripting (XSS). This vulnerability arises from improper sanitization and escaping of a parameter before it is outputted on the page, which can be exploited by attackers to craft malicious URLs. Such crafted URLs can pose significant risks, especially when targeting users with high privileges, including admin accounts, potentially allowing attackers to execute arbitrary scripts in their browsers.",WordPress,Solidres,7.1,HIGH,0.01,false,,false,false,true,2025-02-04T06:00:09.000Z,true,false,false,,2025-02-04T06:00:09.485Z,0
CVE-2023-1377,https://securityvulnerability.io/vulnerability/CVE-2023-1377,Solidres <= 0.9.4 - Multiple Reflected XSS,"The Solidres WordPress plugin through 0.9.4 does not sanitise and escape numerous parameter before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",Wordpress,Solidres,6.1,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2023-04-03T15:15:00.000Z,0
CVE-2023-1374,https://securityvulnerability.io/vulnerability/CVE-2023-1374,Stored Cross-Site Scripting in Solidres Plugin for WordPress,"The Solidres plugin for WordPress is susceptible to Stored Cross-Site Scripting (XSS) through the 'currency_name' parameter due to inadequate input sanitization and output escaping practices. This vulnerability allows authenticated attackers with administrative privileges to inject malicious web scripts. The injected scripts can execute on user-accessed pages, posing a significant threat to site integrity and user data security.",Wordpress,Solidres – Hotel booking plugin for WordPress,4.8,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-03-13T13:15:00.000Z,0