Vulnerabilities

Report: CVE-2024-13362 - Freemius <= 2.10.1 - reflected dom-based cross-site scripting via url parameter - Expert Insights

2026-05-01 0 views admin

CVE ID :CVE-2024-13362 Published : May 1, 2026, 6:16 a.m. | 1 hour, 10 minutes ago Description :Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2024-13362

Severity

MEDIUM

Published

May 1, 2026

Affected Product: WordPress

🏷️ Tags

report13362freemiusreflectedbasedcrossscriptingparameterexpertinsights

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2024-13362 - Freemius <= 2.10.1 - reflected dom-based cross-site scripting via url parameter - Expert Insights

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-7584 - Arbitrary Code Execution via Unsafe Deserialization in LabOne Q - Analysis

Report: CVE-2026-40201 - Diplodoc Search Extension Stored Cross-Site Scripting Vulnerability

Report: CVE-2026-42403 - Apache Neethi: Circular Policy Reference Infinite Loop

Report: Update: CVE-2026-42402 - Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting