2 matches found
CVE-2024-2165
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt parameter in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access...
WordPress SEOPress Plugin <= 7.5.2.1 is vulnerable to Cross Site Scripting (XSS)
Software SEOPress Type Plugin Vulnerable versions = 7.5.2.1 Fixed in 7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b92e3ab1041a Credits Ngô Thiên An ancorn - VNPT-VCI ...