3 matches found
CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection
The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...
CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection
The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...
WordPress Download Alt Text AI Plugin <= 1.4.9 is vulnerable to SQL Injection
Software Download Alt Text AI Type Plugin Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4847 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 156a5d33530e Credits Lucio Sá Required privilege Subscriber...