CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50440

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode codepen-embedded-pen-shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through <= 1.0.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.3%

CVSS Severity

CVSS v3 Score 5.4

References

https://patchstack.com/database/Wordpress/Plugin/codepen-embedded-pen-shortcode/vulnerability/wordpress-codepen-embedded-pens-shortcode-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Products affected by CVE-2024-50440

Codepen » Codepen » Version: N/A

cpe:2.3:a:codepen:codepen:-
Codepen » Codepen » Version: 0.1

cpe:2.3:a:codepen:codepen:0.1
Codepen » Codepen » Version: 0.2

cpe:2.3:a:codepen:codepen:0.2
Codepen » Codepen » Version: 0.3

cpe:2.3:a:codepen:codepen:0.3
Codepen » Codepen » Version: 0.4

cpe:2.3:a:codepen:codepen:0.4
Codepen » Codepen » Version: 0.5

cpe:2.3:a:codepen:codepen:0.5
Codepen » Codepen » Version: 0.6

cpe:2.3:a:codepen:codepen:0.6
Codepen » Codepen » Version: 0.7

cpe:2.3:a:codepen:codepen:0.7
Codepen » Codepen » Version: 0.7.1

cpe:2.3:a:codepen:codepen:0.7.1
Codepen » Codepen » Version: 0.8

cpe:2.3:a:codepen:codepen:0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50440

Products

Pricing

Contact Us