How severe is CVE-2024-3628?

This vulnerability has a severity rating of LOW with a CVSS score of 3.8 out of 10.

What type of vulnerability is CVE-2024-3628?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2024-3628

LOW Year: 2024

CVSS v3 Score

3.8

Low

Weakness Type

CWE-79

View all →

Vulnerability Description

The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

CVE-2021-3830

LOW

CVSS:3.8(Low)

btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-792021

CVE-2022-1530

LOW

CVSS:3.8(Low)

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.

CWE-792022

CVE-2022-2256

LOW

CVSS:3.8(Low)

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console...

CWE-792022

CVE-2023-3142

LOW

CVSS:3.8(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.

CWE-792023

CVE-2024-13116

LOW

CVSS:3.8(Low)

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks e...

CWE-792024

CVE-2024-13308

LOW

CVSS:3.8(Low)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Butto...

CWE-792024

CVE-2024-3628

Vulnerability Description

Related Vulnerabilities

CVE-2021-3830

CVE-2022-1530

CVE-2022-2256

CVE-2023-3142

CVE-2024-13116

CVE-2024-13308