cb
cvebase
.
~
/
products
/
croberts
/
glossy
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
croberts
/
Croberts Glossy
Croberts Glossy vulnerabilities
1 known vulnerability affecting
croberts/glossy
.
Track
Total CVEs
1
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2024-13325
P4
MEDIUM
CVSS 6.1
PoC
≤ 2.3.5
2025-02-04
CVE-2024-13325 [MEDIUM] CWE-79 CVE-2024-13325: The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before outputting The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
nvd