3 matches found
CVE-2024-6497
CVE-2024-6497 refers to the SEO Plugin by Squirrly SEO for WordPress. The vulnerability is described as Stored Cross-Site Scripting via the url parameter in versions up to and including 12.3.19, due to insufficient input sanitization and output escaping. It requires Contributor+ level authenticat...
CVE-2024-6497 SEO Plugin by Squirrly SEO <= 12.3.19 - Authenticated (Contributor+) SQL Injection via url Parameter
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-6497 SEO Plugin by Squirrly SEO <= 12.3.19 - Authenticated (Contributor+) SQL Injection via url Parameter
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...