4 matches found
WordPress Z-Downloads plugin < 1.11.7 - Admin+ Stored XSS via SVG Upload vulnerability
Admin+ Stored XSS via SVG Upload vulnerability discovered by Bob Matyas in WordPress Plugin Z-Downloads versions 1.11.7...
CVE-2024-8673
The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript...
CVE-2024-8673 Z-Downloads < 1.11.7 - Admin+ Stored XSS via SVG Upload
The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript...
CVE-2024-8673
creationtimestamp| type| source ---|---|--- 2024-11-16 18:17:28+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-8673.yaml...