Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-6226
- EPSS 0.4%
- Published 30.07.2024 06:15:03
- Last modified 20.08.2025 12:21:55
The WpStickyBar WordPress plugin through 2.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
9.8
CVE-2024-5765
- EPSS 77.18%
- Published 30.07.2024 06:15:02
- Last modified 20.08.2025 12:20:46
The WpStickyBar WordPress plugin through 2.1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
1