{"uuid": "1e109db2-770d-4653-9d85-52af91c9b8a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0852", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16569", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-0852\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The coreActivity: Activity Logging for WordPress plugin before 1.8.1 does not escape some request data when outputting it back in the admin dashboard, allowing unauthenticated users to perform Stored XSS attack against high privilege users such as admin\n\ud83d\udccf Published: 2025-05-15T20:09:31.811Z\n\ud83d\udccf Modified: 2025-05-15T20:09:31.811Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/743c4d79-e1d5-4fb0-a17d-296df2c54e8a/", "creation_timestamp": "2025-05-15T20:33:56.000000Z"}