Supply Chain Management (SCM) Archives - Proactive Insights and Support For Open-Source Applications

Selected category

Communication
- Communication
Communication and Collaboration
Specialized Software
- Educational
- Graphic Design
Business and Enterprise Solutions
Project and Agile Management
- Project Management
- IT Business Management
Infrastructure and Network
- CMS
- Networking
- Storage
- Security
DevOps
Data Management and Analytics

20 Aug 2024 Business and Enterprise Solutions

WordPress: Unauthenticated Script Injection via Inadequate Input Sanitization

In WordPress File Upload plugin for WordPress, all versions up to and including 4.24.8 a high severity vulnerability CVE-2024-7301 was detected. The issue allows unauthenticated attackers to inject arbitrary web scripts into SVG files due to insufficient input sanitization and output escaping, leading to script execution whenever a user accesses the file. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-7301.