CVE-2024-3918

Summary

The Pet Manager WordPress plugin through 1.4 does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks.

Affected Software

VendorProductVersion RangeStatus
UnknownPet Manager0 <= 1.4affected

Weaknesses

  • CWE-79 Cross-Site Scripting (XSS)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References