Lucene search
+L

WordPress WP-SVG plugin <= 0.9 - Contributor+ Stored XSS via Shortcode vulnerability

🗓️ 27 Dec 2024 06:42:23Reported by Bob MatyasType 
patchstack
 patchstack
🔗 patchstack.com👁 5 Views

WordPress WP-SVG plugin versions up to 0.9 expose stored XSS via shortcode, discovered by Bob Matyas.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2024-11644
27 Dec 202406:11
circl
CNNVD
WordPress plugin WP-SVG 安全漏洞
27 Dec 202400:00
cnnvd
CVE
CVE-2024-11644
27 Dec 202406:00
cve
Cvelist
CVE-2024-11644 WP-SVG <= 0.9 - Contributor+ Stored XSS via Shortcode
27 Dec 202406:00
cvelist
NVD
CVE-2024-11644
27 Dec 202406:15
nvd
OSV
CVE-2024-11644
27 Dec 202406:15
osv
Positive Technologies
PT-2024-17152 · WordPress · Wp-Svg
27 Dec 202400:00
ptsecurity
RedhatCVE
CVE-2024-11644
23 May 202507:50
redhatcve
Vulnrichment
CVE-2024-11644 WP-SVG <= 0.9 - Contributor+ Stored XSS via Shortcode
27 Dec 202406:00
vulnrichment
Wordfence Blog
Wordfence Intelligence Weekly WordPress Vulnerability Report (December 2, 2024 to December 8, 2024)
12 Dec 202415:38
wordfence
Rows per page
Vulners
Node
wordpresswp-svgRange0.9

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

27 Dec 2024 06:42Current
6Medium risk
Vulners AI Score6
CVSS 3.15.9
EPSS0.00333
SSVC
5