CVE-2024-9696 - Exploiting Stored XSS in Rescue Shortcodes WordPress Plugin — Technical Deep Dive
On March 18, 2024, security researchers published details for a new vulnerability — CVE-2024-9696 — affecting the popular Rescue Shortcodes WordPress plugin. This vulnerability, which affects all
CVE-2024-9595 - Exploiting Stored XSS in TablePress WordPress Plugin (v2.4.2 and Below)
---
Introduction
A critical vulnerability, tracked as CVE-2024-9595, has been identified in the popular WordPress plugin TablePress (up to version 2.4.2). This flaw
CVE-2024-9047 - Exploiting Path Traversal in WordPress File Upload Plugin (v4.24.11 and Below)
Published: June 2024
Vulnerability Type: Path Traversal
Component: WordPress File Upload Plugin
Versions Affected: All up to 4.24.11
Attack Vector: Remote, unauthenticated
PHP
CVE-2024-9776 - How a WordPress Plugin Vulnerability Lets Admins Inject Malicious Scripts via ImagePress Settings
CVE-2024-9776 is a newly identified stored Cross-Site Scripting (XSS) weakness in the ImagePress – Image Gallery plugin for WordPress. This issue impacts all plugin versions through
CVE-2024-9778 - How a Simple CSRF Bug in ImagePress Plugin Can Compromise Your WordPress Site
The WordPress plugin ImagePress – Image Gallery is widely used for displaying beautiful image galleries on blogs and portfolio websites. However, a dangerous security flaw — officially
Episode
00:00:00
00:00:00