Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.8 views

CVE-2024-4636

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/15 6:51 a.m.34 views

CVE-2024-4636 Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS6AI score0.0042EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/15 6:51 a.m.11 views

CVE-2024-4636 Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/15 12:0 a.m.16 views

WordPress Optimole Plugin <= 3.12.10 is vulnerable to Cross Site Scripting (XSS)

Software Optimole Type Plugin Vulnerable versions = 3.12.10 Fixed in 3.13.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4636 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a2ec8f02493 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder