cleantalk
Vulnerabilities and Security Researches

WPCOM Member, CVE-2024-47378

CVE, Research URL

CVE-2024-47378

Home page URL

Security reports for WPCOM Member

Application

WPCOM Member

Published on
Oct 05, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPCOM WPCOM Member allows Reflected XSS.This issue affects WPCOM Member: from n/a through 1.5.4.
Affected versions
Min -, max 1.5.4.1.
Status
vulnerable
Previous vulnerability researches
WPCOM Member (CVE-2024-47378) , Oct 03, 2024
WPCOM Member (CVE-2025-39570) , Apr 18, 2025
WPCOM Member (CVE-2025-1475) , Mar 08, 2025
WPCOM Member (CVE-2024-7493) , Sep 07, 2024
WPCOM Member (CVE-2025-2221) , Mar 15, 2025
New vulnerability
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025