
CVE-2024-8092 Accordion Image Menu <= 3.1.3 - Stored XSS via CSRF

2024-09-17 06:00:06
WPScan
www.cve.org
wordpress
stored xss
csrf
sanitisation
escaping
admin

EPSS: 0
Percentile: 9.6%

The Accordion Image Menu WordPress plugin through 3.1.3 does not have a CSRF check in some places and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Accordion Image Menu",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "3.1.3"
      }
    ],
    "defaultStatus": "affected"
  }
]

