cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-13394,https://securityvulnerability.io/vulnerability/CVE-2024-13394,Stored XSS Vulnerability in ViewMedica 9 Plugin for WordPress,"The ViewMedica 9 plugin for WordPress suffers from a vulnerability that allows authenticated attackers with contributor-level access and above to exploit stored cross-site scripting (XSS). This occurs via insufficient input sanitization and output escaping on user-supplied attributes within the 'viewmedica' shortcode. As a result, attackers can inject arbitrary scripts into web pages, which execute whenever a user visits the affected pages, potentially compromising user data and trust.",Wordpress,Viewmedica 9,6.4,MEDIUM,0.0005300000193528831,false,,false,false,false,false,false,false,2025-01-15T05:24:54.278Z,0
CVE-2024-12291,https://securityvulnerability.io/vulnerability/CVE-2024-12291,Cross-Site Request Forgery Vulnerability in ViewMedica Plugin for WordPress,"The ViewMedica 9 plugin for WordPress has a vulnerability that allows unauthenticated attackers to execute Cross-Site Request Forgery attacks due to insufficient nonce validation. This weakness enables attackers to inject malicious scripts via forged requests by convincing an administrator to perform an action, such as clicking a malicious link.",Wordpress,Viewmedica 9,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-07T04:22:01.768Z,0
CVE-2024-12170,https://securityvulnerability.io/vulnerability/CVE-2024-12170,Cross-Site Request Forgery in ViewMedica 9 Plugin for WordPress,"The ViewMedica 9 plugin for WordPress is prone to Cross-Site Request Forgery due to inadequate nonce validation on the 'Viewmedica-Admin' page. This vulnerability allows attackers to craft forgery requests, potentially leading to unauthorized execution of arbitrary SQL queries if an unsuspecting site administrator interacts with a malicious link. It is essential for users to review their plugin versions and apply necessary updates to mitigate this risk.",Wordpress,Viewmedica 9,5.4,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-07T04:22:00.143Z,0