Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-06-09

CVE-2024-12400 - Tourmaster Plugin

The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.

PLUGIN Tourmaster

CVE-2024-12400

HIGH CVSS 7.1 2025-01-30

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-06-05

CVE-2024-11356 - Tourmaster Plugin

The tourmaster WordPress plugin before 5.3.4 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks.

PLUGIN Tourmaster

CVE-2024-11356

MEDIUM CVSS 6.1 2025-01-06

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-12400 - Tourmaster Plugin

CVE-2024-11356 - Tourmaster Plugin

Company Links

Contact Us