Lucene search
HistoryMay 14, 2024 - 3:42 p.m.
CVE-2024-3941
cve-2024-3941
csrf
wordpress plugin
stored xss
sanitisation
escaping
The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.
Related
vulnrichment
vulnrichment
CVE-2024-3941 reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
2024-05-10 06:00:02
wpvulndb
wpvulndb
reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
2024-04-19 00:00:00
cve
cve
CVE-2024-3941
2024-05-14 15:42:36
cvelist
cvelist
CVE-2024-3941 reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
2024-05-10 06:00:02
wpexploit
wpexploit
reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
2024-04-19 00:00:00
wordfence
wordfence