CVE-2024-4546 | Custom Post Type Attachment Plugin up to 3.4.5 on WordPress Shortcode pdf_attachment cross site scripting

Posted by Angelo Barbosa | May 15, 2024 | CVE

A vulnerability was found in Custom Post Type Attachment Plugin up to 3.4.5 on WordPress. It has been declared as problematic. This vulnerability affects the function pdf_attachment of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-4546. The attack can be initiated remotely. There is no exploit available.

CVE-2024-4546 | Custom Post Type Attachment Plugin up to 3.4.5 on WordPress Shortcode pdf_attachment cross site scripting

Related Posts

CVE-2023-7134 | SourceCodester Medicine Tracking System 1.0 page path traversal

CVE-2023-52226 | Advanced Flamingo Plugin up to 1.0 on WordPress cross-site request forgery

CVE-2024-1174 | HP ThinPro up to 8.0 SP7 Privilege Escalation

CVE-2023-3352 | Smush Plugin up to 3.16.4 on WordPress Resmush List authorization