HIGH✓ PATCH🇬🇧 English

CVE-2024-44002

CVSS 7.1v3.1pub. 2024-09-18upd. 2026-04-23

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase team allows Reflected XSS.This issue affects Team Showcase: from n/a through <= 1.22.25.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
  • Pickplugins Team Showcase

    APP
    Pickplugins
    ≤ 1.22.25
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2020-35936HIGH7.5ten sam produkt

Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow re...

CVE-2020-35937HIGH7.5ten sam produkt

Stored Cross-Site Scripting (XSS) vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress all...

CVE-2020-35938HIGH7.5ten sam produkt

PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenti...

CVE-2020-35939HIGH7.5ten sam produkt

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote aut...

CVE-2022-4693CRITICAL9.8ten sam vendor

The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To...