cvelist | WPScan | CVELIST:CVE-2024-4477
Jun 21, 2024 - 6:00 a.m.

CVE-2024-4477 WP Logs Book <= 1.0.1 - Unauthenticated Stored XSS

2024-06-21 06:00:04
WPScan
www.cve.org
7
cve-2024-4477
wordpress
plugin
unauthenticated stored xss
admin dashboard
cross-site scripting

EPSS: 0

Percentile: 14.1%

The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting it back in an admin dashboard, leading to unauthenticated stored cross-site scripting.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "WP Logs Book",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.0.1"
      }
    ],
    "defaultStatus": "affected"
  }
]
