How severe is CVE-2024-11846?

CVE-2024-11846 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2024-11846

Name: travel_tour
Author: goodlayers

6.1MEDIUM

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Published: 1/1/2025Updated: 1/9/2026

Description

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

AI AnalysisPowered by AI

Affected Products

goodlayerstravel_tour

References

https://wpscan.com/vulnerability/eedaf2d8-171c-4785-99cc-ab33113308d1/
ExploitThird Party Advisory