← Back

Postlists

postlists

Vendor: Reneade • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-10815
1Reneade
1Postlists
May 14, 2025
Jan 9, 2025
N/A· v4
4.2 MEDIUM· v3
N/A· v2
The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers