WordPress Media Library Tools <1.5.0 Stored XSS via SVG (CVE-2024-10482)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Plugin Name: Media Library Tools < 1.5.0 2. Vulnerability Type: Author+ Stored XSS via SVG 3. Description: The plugin does not sanitize uploaded SVG files, allowing users with Author or higher roles to upload malicious SVG files containing XSS payloads. 4. Proof of Concept: - As an administrator, enable SVG support. - As an author, upload an SVG file containing the payload. - View the SVG and observe the XSS execution. 5. Affected Plugin: media-library-tools, fixed in version 1.5.0. 6. Reference: CVE-2024-10482 7. Classification: - Type: XSS - OWASP Top 10: A7: Cross-Site Scripting (XSS) - CWE: CWE-79 - CVSS: 5.9 (Medium) 8. Additional Information: - Original Researcher: Bob Matyas - Submitter: Bob Matyas - Submitter Website: https://www.bobmatyas.com - Submitter Twitter: bobmatyas - Verified: Yes - WPVDB ID: 46cbd4bb-b6f3-49e8-8d79-8c378c617e7c - Published Date: October 31, 2024 (approximately 23 days ago) - Added Date: October 31, 2024 (approximately 23 days ago) - Last Updated: October 31, 2024 (approximately 23 days ago) - Other Vulnerabilities Listed: - Calculated Fields Form < 1.2.55 - Reflected Cross-Site Scripting - All In One Favicon <= 4.6 - Multiple Stored Authenticated XSS - Gum Elementor Addon < 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Widget - tagDiv Composer < 4.2 - Admin+ Stored XSS - Chaty < 3.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings This information provides detailed descriptions, scope of impact, remediation status, references, and classifications for the vulnerability.

Goal Reached Thanks to every supporter — we hit 100%!

WordPress Media Library Tools <1.5.0 Stored XSS via SVG (CVE-2024-10482)

More from this source