Couleurcitron

couleurcitron

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Tarteaucitron Wp

tarteaucitron-wp

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-11719 1Couleurcitron 1Tarteaucitron Wp Jun 9, 2025 May 15, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The tarteaucitron-wp WordPress plugin before 0.3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via...Show more The tarteaucitron-wp WordPress plugin before 0.3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less
CVE-2024-11718 1Couleurcitron 1Tarteaucitron Wp Jun 9, 2025 May 15, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...Show more The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-11719

1Couleurcitron

1Tarteaucitron Wp

Jun 9, 2025

May 15, 2025

N/A· v4

6.1 MEDIUM· v3

N/A· v2

The tarteaucitron-wp WordPress plugin before 0.3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via...Show more

CVE-2024-11718