cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3201,https://securityvulnerability.io/vulnerability/CVE-2024-3201,Stored Cross-Site Scripting Vulnerability in WP DSGVO Tools (GDPR) Plugin,"The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pp_link' shortcode in all versions up to, and including, 3.1.32 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,WP Dsgvo Tools (gdpr),6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-23T01:56:20.191Z,0
CVE-2021-4358,https://securityvulnerability.io/vulnerability/CVE-2021-4358,Stored Cross-Site Scripting in WP DSGVO Tools Plugin for WordPress,"The WP DSGVO Tools (GDPR) plugin for WordPress suffers from a vulnerability due to insufficient input sanitization and output escaping. This flaw allows unauthenticated attackers to perform stored cross-site scripting (XSS) attacks by injecting arbitrary scripts through an unspecified parameter. When users access affected pages, the injected scripts execute, potentially compromising user data and website integrity. The vulnerability impacts versions up to and including 3.1.23, highlighting the importance of timely updates and security best practices for WordPress users.",Wordpress,WP Dsgvo Tools (gdpr),7.2,HIGH,0.00215000007301569,false,,false,false,false,,false,false,2023-06-07T01:51:25.133Z,0