CVE-2024-38696

Name: Websites susceptible to CVE-2024-38696
Creator: WebTechSurvey

CVE-2024-38696

WordPress Zoho CRM Lead Magnet plugin <= 1.7.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows Reflected XSS.This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.8.8.

We have discovered 53 live websites that are affected by CVE-2024-38696.

Run a Free Instant Scan

Affected Software


Product	Zoho Crm Forms
Category	Wordpress Plugins
Vulnerable Domains	53 live websites (100% of Zoho Crm Forms install base)
Vulnerable Versions	from 0 through 1.7.8.8
Vulnerable Versions Count	0 versions ( less than 0.1% of all versions)

Common Weakness Enumeration

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Available Reports

Website List

Details

Published - Jul 20, 2024
Updated - Aug 2, 2024

Credits

Dimas Maulana (Patchstack Alliance) (finder)

CVE References

CWE References

cwe.mitre.org

CWE

CWE-79

Website Distribution by Country

Number of websites using CVE-2024-38696

United States	16 websites

Japan	11 websites
Australia	4 websites
France	4 websites
Spain	2 websites
GB	2 websites
India	2 websites
Mexico	2 websites
United Arab Emirates	1 websites

Website Distribution by TLD

Number of websites using CVE-2024-38696

.com	36 websites
.co.jp	3 websites
.com.au	3 websites
.ca	2 websites
.cn	1 websites
.es	1 websites

Websites affected by CVE-2024-38696

Top websites that are affected by CVE-2024-38696. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
************.*.au	Australia	*,*
*******.com	India	,,*
*********.com	GB	,,*
*********.com	France	,,*
***********.ca	Canada	,,*
*********.ca	Cyprus	,,*
*****************.com	United States	,,*
********.com	United States	,,*
***********.com	Czech Republic	,,*
********.com	United States	,,*