CVE-2024-42214
HCL Aftermarket EPC is vulnerable to attack since HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of t
CVSS
5.3
Medium
EPSS
—
KEV
—
Exploit Today
0
0-100
Published: Jul 17, 2026 · Last modified: Jul 17, 2026 · CWE-692
Not enough EPSS history yet.
HCL Aftermarket EPC is vulnerable to attack since HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the Web server which allows an attacker to narrow and intensify their efforts.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-152954.4 MED8.8%
——3The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.3dCVE-2024-235694.3 MED—
——0HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header5h