CVE-2024-22146

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.
Configurations

Configuration 1 (hide)

cpe:2.3:a:magazine3:schema_\&_structured_data_for_wp_\&_amp:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 08:55

Type Values Removed Values Added
References () https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory () https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory
CVSS v2 : unknown
v3 : 5.4
v2 : unknown
v3 : 6.5

06 Feb 2024, 15:51

Type Values Removed Values Added
References () https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory
First Time Magazine3 schema \& Structured Data For Wp \& Amp
Magazine3
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
CPE cpe:2.3:a:magazine3:schema_\&_structured_data_for_wp_\&_amp:*:*:*:*:*:wordpress:*:*

31 Jan 2024, 19:54

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-31 19:15

Updated : 2024-11-21 08:55


NVD link : CVE-2024-22146

Mitre link : CVE-2024-22146

CVE.ORG link : CVE-2024-22146


JSON object : View

Products Affected

magazine3

  • schema_\&_structured_data_for_wp_\&_amp
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')