Vulnerability Details CVE-2024-35732
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH Custom Login yith-custom-login.This issue affects YITH Custom Login: from n/a through <= 1.7.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 35.6%
CVSS Severity
CVSS v3 Score 4.8
References
- https://patchstack.com/database/Wordpress/Plugin/yith-custom-login/vulnerability/wordpress-yith-custom-login-plugin-1-7-0-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/yith-custom-login/wordpress-yith-custom-login-plugin-1-7-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Products affected by CVE-2024-35732
-
cpe:2.3:a:yithemes:yith_custom_login:1.7.0