cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12047,https://securityvulnerability.io/vulnerability/CVE-2024-12047,Reflected Cross-Site Scripting in WP Compress Plugin by WordPress,"The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is subject to a Reflected Cross-Site Scripting vulnerability. This issue arises from insufficient sanitization of input and output escaping related to the ‘custom_server’ parameter, affecting all versions up to 6.30.03. Attackers can exploit this vulnerability by injecting malicious web scripts into pages, which are executed when a victim clicks on a deceptive link crafted by the attacker. This poses serious security risks for users, particularly if they are tricked into taking an action that executes the script.",Wordpress,WP Compress – Instant Performance & Speed Optimization,6.1,MEDIUM,0.0005200000014156103,false,,false,false,false,false,false,false,2025-01-04T07:24:22.599Z,0