Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-4899

June 24, 2024, 12:57 p.m.

Tags

contact@wpscan.com
2024-06-24
CVE-2024-4899

Product(s) Impacted

SEOPress WordPress plugin

  • before 7.8

Description

The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks.

Weaknesses

Date

Published: June 24, 2024, 6:15 a.m.

Last Modified: June 24, 2024, 12:57 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

contact@wpscan.com

References

https://wpscan.com/ contact@wpscan.com