CVE-2024-11974 | Media Library Assistant Plugin up to 3.23 on WordPress Setting cross site scripting

Posted by Angelo Barbosa | Jan 4, 2025 | CVE

A vulnerability has been found in Media Library Assistant Plugin up to 3.23 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Setting Handler. The manipulation of the argument smc_settings_tab/unattachfixit-action/woofixit-action leads to cross site scripting.

This vulnerability was named CVE-2024-11974. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11974 | Media Library Assistant Plugin up to 3.23 on WordPress Setting cross site scripting

Related Posts

CVE-2024-4089 | Lenovo SuperFile up to 2.3 uncontrolled search path

CVE-2024-4478 | Happy Addons for Elementor Plugin up to 3.10.7 on WordPress Image Stack Group Widget cross site scripting

CVE-2024-41887 | Hanwha Vision XRN-420S up to 5.01.62 log file

CVE-2024-26634 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 Net Namespace net/core/dev.c Privilege Escalation