Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2024-47641
- EPSS 0.08%
- Published 30.09.2024 13:15:02
- Last modified 04.10.2024 13:51:25
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloperr Confetti Fall Animation allows Stored XSS.This issue affects Confetti Fall Animation: from n/a through 1.3.0.
5.4
CVE-2024-8919
- EPSS 0.06%
- Published 25.09.2024 01:15:47
- Last modified 30.09.2024 15:08:14
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'confetti-fall-animation' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping ...
1