CVE-2024-4546 | Custom Post Type Attachment Plugin up to 3.4.5 on WordPress Shortcode pdf_attachment cross site scripting

Inserito da Angelo Barbosa | Mag 15, 2024 | CVE

A vulnerability was found in Custom Post Type Attachment Plugin up to 3.4.5 on WordPress. It has been declared as problematic. This vulnerability affects the function pdf_attachment of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-4546. The attack can be initiated remotely. There is no exploit available.

CVE-2024-4546 | Custom Post Type Attachment Plugin up to 3.4.5 on WordPress Shortcode pdf_attachment cross site scripting

Post correlati

CVE-2024-35780 | Live Composer Team Page Builder Plugin up to 1.5.42 on WordPress deserialization

CVE-2024-26588 | Linux Kernel up to 6.0/6.1.74/6.6.13/6.7.1 BPF out-of-bounds

CVE-2024-1477 | aankit Easy Maintenance Mode Plugin up to 1.4.2 on WordPress REST API information disclosure

CVE-2023-51197 | OSRF ROS2 Foxy Fitzroy os command injection