CVE-2024-44061

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) (CWE-80)

Published: Oct 20, 2024 / Updated: 30d ago

010
CVSS 6.1EPSS 0.04%Medium
CVE info copied to clipboard

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Timeline

CVE Assignment

NVD published the first details for CVE-2024-44061

Oct 20, 2024 at 10:15 AM
CVSS

A CVSS base score of 7.1 has been assigned.

Oct 20, 2024 at 10:20 AM / nvd
First Article

Feedly found the first article mentioning CVE-2024-44061. See article

Oct 20, 2024 at 10:24 AM / National Vulnerability Database
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 21, 2024 at 10:12 AM
CVSS

A CVSS base score of 6.1 has been assigned.

Oct 24, 2024 at 2:46 PM / nvd
Static CVE Timeline Graph

Affected Systems

Wpfactory/eu\/uk_vat_manager_for_woocommerce
+null more

Attack Patterns

CAPEC-18: XSS Targeting Non-Script Elements
+null more

News

CVE Alert: CVE-2024-44061 - https://www. redpacketsecurity.com/cve_aler t_cve-2024-44061/ # OSINT # ThreatIntel # CyberSecurity # cve_2024_44061
CVE Alert: CVE-2024-44061
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14. Affected Endpoints:
NA - CVE-2024-44061 - Improper Neutralization of Script-Related HTML...
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK...
CVE-2024-44061
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through...
WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.14 - CSRF to Cross Site Scripting (XSS) vulnerability
WPfactory - HIGH - CVE-2024-44061 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14.
See 8 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:Required
Scope:Changed
Confidentiality:Low
Integrity:Low
Availability Impact:None

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI