Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.8 views

CVE-2024-10482

The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS5.9AI score0.00363EPSS
Exploits1References1
Circl
Circl
added 2024/11/21 6:6 a.m.10 views

CVE-2024-10482

creationtimestamp| type| source ---|---|--- 2024-11-21 06:06:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113519440520027418...

5.4CVSS6.9AI score0.00363EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/21 6:0 a.m.34 views

CVE-2024-10482 Media Library Tools < 1.5.0 - Author+ Stored XSS via SVG

The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

0.00363EPSS
Exploits1References1
CVE
CVE
added 2024/11/21 6:0 a.m.57 views

CVE-2024-10482

CVE-2024-10482 affects the WordPress plugin Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO (Media Library Tools). Prior to version 1.5.0, it failed to sanitize uploaded SVG files, allowing stored cross-site scripting (XSS) payloads by users with as little as Author...

5.4CVSS5.3AI score0.00363EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/21 6:0 a.m.13 views

CVE-2024-10482 Media Library Tools < 1.5.0 - Author+ Stored XSS via SVG

The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

6AI score0.00363EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.10 views

WordPress Media Library Tools Plugin < 1.5.0 is vulnerable to Cross Site Scripting (XSS)

Software Media Library Tools Type Plugin Vulnerable versions 1.5.0 Fixed in 1.5.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10482 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 79520509f6a4 Credits Bob Matyas Required...

5.4CVSS6AI score0.00363EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder