4 matches found
CVE-2024-11644
creationtimestamp| type| source ---|---|--- 2024-12-27 06:11:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113723304047472241 2024-12-27 06:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lebdm6x3in2m 2024-12-27 07:37:35+00:00| seen|...
CVE-2024-11644 WP-SVG <= 0.9 - Contributor+ Stored XSS via Shortcode
The WP-SVG WordPress plugin through 0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-11644 WP-SVG <= 0.9 - Contributor+ Stored XSS via Shortcode
The WP-SVG WordPress plugin through 0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-11644
The CVE-2024-11644 entry concerns the WP-SVG WordPress plugin (versions