cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12221,https://securityvulnerability.io/vulnerability/CVE-2024-12221,Reflected Cross-Site Scripting Vulnerability in Turnkey bbPress by WeaverTheme for WordPress,"The Turnkey bbPress plugin developed by WeaverTheme for WordPress has a vulnerability that allows for reflected cross-site scripting via the ‘_wpnonce’ parameter. This vulnerability exists in all versions up to and including 1.6.3, where inadequate input sanitization and output escaping procedures create an opportunity for unauthenticated attackers. If attackers can deceive users into clicking malicious links, they can execute arbitrary web scripts on the affected pages, potentially compromising user data and site integrity.",Wordpress,Turnkey Bbpress By Weavertheme,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,false,false,false,2025-01-04T09:22:37.090Z,0