2 matches found
CVE-2024-11357
CVE-2024-11357 affects the Goodlayers Core WordPress plugin (goodlayers-core). Public details indicate an authenticated stored XSS vulnerability due to insufficient sanitization/escaping of settings, exploitable by users with Contributor+ privileges. Impact is storage and execution of arbitrary s...
CVE-2024-12163
CVE-2024-12163 affects the WordPress plugin Goodlayers Core (Goodlayers Core) before version 2.1.3. The issue, as described in multiple sources, allows users with the Subscriber role and above to upload SVG files containing malicious payloads, enabling a stored Cross-Site Scripting (XSS) conditio...