CVE-2024-12595 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lea…
Medium CVSS: 4.7

CVE-2024-12595

The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
Vendor
Mitchelllevy
Product
Ahathat
CWE
CWE-79
Yayın Tarihi
2025-01-02 06:15:07
Güncelleme
2025-06-12 17:04:11
Source Identifier
contact@wpscan.com
KEV Date Added
-

Kategoriler

CWE-79 Ahathat MEDIUM Mitchelllevy 2025

Referanslar

https://wpscan.com/vulnerability/7a506438-3106-477f-816d-b9b116ec8555/ https://wpscan.com/vulnerability/7a506438-3106-477f-816d-b9b116ec8555/