3 matches found
CVE-2024-10584
creationtimestamp| type| source ---|---|--- 2024-12-24 11:11:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113707496947756711 2024-12-24 11:15:32+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le2cxlujee2m 2024-12-24 12:43:57+00:00| seen|...
CVE-2024-10584 DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-10584 DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...