Buybox Widget

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2024-13679 MEDIUM This Month

The Widget BUY.BOX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buybox-widget' shortcode in all versions up to, and including, 3.1.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Buybox Widget

NVD

CVSS 3.1

6.4

EPSS

0.1%

CVE-2024-13679

EPSS 0% CVSS 6.4

MEDIUM This Month

The Widget BUY.BOX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buybox-widget' shortcode in all versions up to, and including, 3.1.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Buybox Widget

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy