CVE-2024-35757 — Cross-site Scripting in Easy AGE Verify

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

4.8MEDIUMNVD

CNA5.9

EPSS

0.2%

top 63.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

5starplugins Easy AGE Verify 5 Star Plugins Easy AGE Verify

Timeline

PublishedJun 21

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS.This issue affects Easy Age Verify: from n/a through 1.8.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages2 packages

▶NVD5starplugins/easy_age_verify< 1.8.3

▶CVEListV55_star_plugins/easy_age_verifyn/a — 1.8.2

🔴Vulnerability Details

CVEList

WordPress Easy Age Verify plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability↗2024-06-21

▶

GHSA

GHSA-vh28-836h-rm25: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Sto↗2024-06-21

▶