6 matches found
CVE-2024-10482
The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2024-10482
creationtimestamp| type| source ---|---|--- 2024-11-21 06:06:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113519440520027418...
CVE-2024-10482 Media Library Tools < 1.5.0 - Author+ Stored XSS via SVG
The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2024-10482
CVE-2024-10482 affects the WordPress plugin Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO (Media Library Tools). Prior to version 1.5.0, it failed to sanitize uploaded SVG files, allowing stored cross-site scripting (XSS) payloads by users with as little as Author...
CVE-2024-10482 Media Library Tools < 1.5.0 - Author+ Stored XSS via SVG
The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress plugin before 1.5.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
WordPress Media Library Tools Plugin < 1.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Media Library Tools Type Plugin Vulnerable versions 1.5.0 Fixed in 1.5.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10482 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 79520509f6a4 Credits Bob Matyas Required...