CVE-2024-6529
HIGHCVSS v3
7.1
HIGH
EPSS Score
52.4%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Technical Details
- Published
- 8/1/2024
Frequently Asked Questions
What is CVE-2024-6529?
The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Is CVE-2024-6529 actively exploited?
Active exploitation of CVE-2024-6529 has not been confirmed. The EPSS score is 52.4%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-6529?
CVE-2024-6529 has a CVSS v3 base score of 7.1 (HIGH severity).
Is CVE-2024-6529 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.