The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Metrics
Affected Vendors & Products
References
History
Thu, 20 Mar 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Thu, 20 Mar 2025 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | |
Title | My Quota <= 1.0.8 - Reflected XSS | |
References |
|

Status: PUBLISHED
Assigner: WPScan
Published: 2025-03-20T06:00:07.305Z
Updated: 2025-03-20T19:35:40.358Z
Reserved: 2025-02-14T18:47:21.567Z
Link: CVE-2024-13880

Updated: 2025-03-20T19:35:13.735Z

Status : Awaiting Analysis
Published: 2025-03-20T06:15:22.213
Modified: 2025-03-20T20:15:30.667
Link: CVE-2024-13880

No data.