Lucene search
K

184 matches found

NVD
NVD
added 2024/05/15 2:15 a.m.18 views

CVE-2024-4847

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...

8.8CVSS8.7AI score0.00612EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/15 1:56 a.m.14 views

CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...

8.8CVSS7.3AI score0.00612EPSS
Exploits0References4
CVE
CVE
added 2024/05/15 1:56 a.m.25 views

CVE-2024-4847

CVE-2024-4847 affects the WordPress plugin Alt Text AI – Automatically generate image alt text for SEO and accessibility. The vulnerability is a generic SQL Injection via the last_post_id parameter in all versions up to 1.4.9, caused by insufficient escaping of the user-supplied value and lack of...

8.8CVSS7.1AI score0.00612EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/15 1:56 a.m.25 views

CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...

8.8CVSS9.3AI score0.00612EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.4 views

WordPress plugin Alt Text AI 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS7.7AI score0.00612EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/05/14 12:18 p.m.5 views

WordPress Alt Text AI plugin <= 1.4.9 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Lucio Sá in WordPress Plugin Download Alt Text AI versions = 1.4.9...

8.8CVSS8.1AI score0.00612EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/14 12:0 a.m.12 views

Alt Text AI – Automatically generate image alt text for SEO and accessibility < 1.5.0 - Authenticated (Subscriber+) SQL Injection

Description The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack...

8.8CVSS7.6AI score0.00612EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.9 views

WordPress Download Alt Text AI Plugin <= 1.4.9 is vulnerable to SQL Injection

Software Download Alt Text AI Type Plugin Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4847 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 156a5d33530e Credits Lucio Sá Required privilege Subscriber...

8.8CVSS6.8AI score0.00612EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.16 views

Download Alt Text AI < 1.3.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it...

5.9CVSS5.7AI score0.00362EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/05/06 7:15 p.m.18 views

CVE-2024-34366

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AltText.Ai Download Alt Text AI allows Stored XSS.This issue affects Download Alt Text AI: from n/a through 1.3.4...

5.9CVSS6.1AI score0.00362EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.8 views

PT-2024-25824 · Unknown · Download Alt Text Ai

Name of the Vulnerable Software and Affected Versions: Download Alt Text AI versions 1.3.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in Download Alt Text AI...

5.9CVSS5.8AI score0.00362EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/05/03 11:2 a.m.7 views

WordPress AltText.ai plugin <=1.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Download Alt Text AI versions = 1.3.4...

5.9CVSS6.1AI score0.00362EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/03 12:0 a.m.11 views

WordPress Download Alt Text AI Plugin <=1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Download Alt Text AI Type Plugin Vulnerable versions =1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34366 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 15bd973c927c Credits Manab Jyoti Dowarah Required...

5.9CVSS6.6AI score0.00362EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/02 5:15 p.m.7 views

CVE-2024-2328

The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image title and alt text in all versions up to, and including, 4.22.11 due to insufficient input sanitization and output escaping. This makes it possible for...

5.4CVSS5.9AI score0.00404EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.29 views

CVE-2024-2328 Real Media Library <= 4.22.11 - Authenticated (Author+) Stored Cross-Site Scripting

The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image title and alt text in all versions up to, and including, 4.22.11 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00404EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress plugin Real Media Library: Media Library Folder & File Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

6.4CVSS5.7AI score0.00404EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.4 views

PT-2024-19774 · WordPress · The Real Media Library

Name of the Vulnerable Software and Affected Versions: The Real Media Library: Media Library Folder & File Manager plugin for WordPress versions prior to 4.22.12 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the imag...

6.4CVSS5.9AI score0.00404EPSS
Exploits0References6
NVD
NVD
added 2024/04/25 10:15 a.m.18 views

CVE-2024-4035

The Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.7.7.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00333EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.9 views

PT-2024-28818 · WordPress · The Photo Gallery – Gt3 Image Gallery & Gutenberg Block Gallery

Name of the Vulnerable Software and Affected Versions: The Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin for WordPress versions up to, and including, 2.7.7.21 Description: The issue is related to Stored Cross-Site Scripting via image alt text due to insufficient input...

6.4CVSS6AI score0.00333EPSS
Exploits0References4
OSV
OSV
added 2024/04/23 2:15 p.m.5 views

CVE-2024-2477

The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of an uploaded image in all versions up to, and including, 7.6.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.0034EPSS
Exploits0References2
Rows per page
Query Builder