CVE-2024-40101

HIGH Year: 2024
CVSS v3 Score
7.2
High
Weakness Type
CWE-79
View all →

Vulnerability Description

A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.

Related Vulnerabilities

CVE-2016-15041

HIGH
CVSS:7.2(High)

The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mwp_setup_purchase_username’ parameter ...

CWE-792016