← Back

User Messages

user_messages

Vendor: Marvinlabs • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-13222
1Marvinlabs
1User Messages
May 13, 2025
Jan 31, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege user...Show more
The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.Show less