Security Advisory

CVE-2024-3048

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-26 05:00:03

Last updated 2024-11-20 17:26:28

Assigner WPScan

State PUBLISHED

Description

The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators

← Browse all CVEs View on cve.org ↗