CVE-2024-5945

🗓️ 21 Jun 2024 08:09:15Reported by WordfenceType

WP SVG Images plugin v4.2 Authenticated Stored XSS via 'type' paramete

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
NVD	CVE-2024-5945	21 Jun 202408:15	–	nvd
Vulnrichment	CVE-2024-5945 WP SVG Images <= 4.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG	21 Jun 202407:39	–	vulnrichment
Patchstack	WordPress WP SVG images Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)	20 Jun 202400:00	–	patchstack
RedhatCVE	CVE-2024-5945	23 May 202509:28	–	redhatcve
Cvelist	CVE-2024-5945 WP SVG Images <= 4.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG	21 Jun 202407:39	–	cvelist
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)	27 Jun 202415:00	–	wordfence

Nvd

Vulners

Node

kubiq wp_svg_imagesRange<4.3wordpress

[
  {
    "vendor": "shortpixel",
    "product": "WP SVG Images",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "4.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/wp-svg-images/trunk/wp-svg-images.php
plugins	www.plugins.trac.wordpress.org/changeset/3105276/
plugins	www.plugins.trac.wordpress.org/browser/wp-svg-images/trunk/wp-svg-images.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/389d96e9-1fad-49a6-89b6-8f7f108d8117

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo