Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/05/15 1:56 a.m.14 views

CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...

8.8CVSS7.3AI score0.00612EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/15 1:56 a.m.26 views

CVE-2024-4847 Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘lastpostid’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficie...

8.8CVSS9.3AI score0.00612EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.9 views

WordPress Download Alt Text AI Plugin <= 1.4.9 is vulnerable to SQL Injection

Software Download Alt Text AI Type Plugin Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4847 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 156a5d33530e Credits Lucio Sá Required privilege Subscriber...

8.8CVSS6.8AI score0.00612EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder