Return to CVE list

CVE-2024-13874

7.1
Critical

CVE-2024-13874

contact@wpscan.com
Awaiting Analysis
View on MITREFind on GitHub

Description

The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

contact@wpscan.com
https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/
134c704f-9b21-4f2e-91b3-4a467353bcc0
https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/