CVE-2024-29126

{"id": "CVE-2024-29126", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}]}, "published": "2024-03-19T15:15:11.343", "references": [{"url": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}, {"url": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile \u2013 Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile \u2013 Customize the mobile version without redirections: from n/a through 0.1.9.5.\n\n"}, {"lang": "es", "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Mortellaro Specific Content For Mobile \u2013 Customize the mobile version without redirections permite XSS reflejado. Este problema afecta el contenido espec\u00edfico para dispositivos m\u00f3viles: personalizar la versi\u00f3n m\u00f3vil sin redirecciones: desde n/a hasta 0.1.9.5."}], "lastModified": "2024-11-21T09:07:36.787", "sourceIdentifier": "audit@patchstack.com"}