TROYANOSYVIRUS
Voltar para CVEs

CVE-2024-47313

MEDIUM
5.1

Descricao

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Catch Base allows Stored XSS.This issue affects Catch Base: from n/a through 3.4.6.

Detalhes CVE

Pontuacao CVSS v3.15.1
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosHIGH
Interacao do usuarioREQUIRED
Publicado10/6/2024
Ultima modificacao1/12/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

catchthemes:catch_base

Fraquezas (CWE)

CWE-79

Referencias

https://patchstack.com/database/vulnerability/catch-base/wordpress-catch-base-theme-3-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve(audit@patchstack.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.