Security Advisory

CVE-2024-6494

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-07 06:00:06

Last updated 2024-08-07 13:11:42

Assigner WPScan

State PUBLISHED

Description

The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks.

← Browse all CVEs View on cve.org ↗