2 matches found
CVE-2024-1496
CVE-2024-1496 affects the WordPress plugin “Featured Image from URL (FIFU)”. The vulnerability is a Stored Cross-Site Scripting (XSS) via the fifu_input_url parameter, in all versions up to 4.6.2. With contributor+ privileges, an authenticated attacker can inject scripts that execute when users v...
WordPress Featured Image from URL Plugin <= 4.6.2 is vulnerable to Cross Site Scripting (XSS)
Software Featured Image from URL Type Plugin Vulnerable versions = 4.6.2 Fixed in 4.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1496 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0a73358e107 Credits Nikolas Required...