3 matches found
CVE-2024-5945
CVE-2024-5945 affects the WP SVG Images WordPress plugin, with stored XSS via the type parameter in all versions up to 4.2 due to insufficient input sanitization. Exploitation requires authentication (Author-level access or higher) and permissions to upload sanitized files. Successful abuse could...
CVE-2024-5945 WP SVG Images <= 4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 4.3 due to insufficient input sanitization. This makes it possible for authenticated attackers, with Author-level access and above, who have permissio...
WordPress WP SVG images Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)
Software WP SVG images Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5945 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b632fc271b3 Credits Colin Xu Required privilege...