CVE-2024-10515

SEO Plugin by Squirrly SEO < 12.3.21 - Editor+ Stored XSS

Description

In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor

INFO

Published Date :

2024-11-20T06:00:05.036Z

Last Modified :

2024-11-20T15:33:58.689Z

Source :

WPScan

AFFECTED PRODUCTS

The following products are affected by CVE-2024-10515 vulnerability.

Vendors	Products
Squirrly	Seo Plugin By Squirrly Seo

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10515.

URL	Resource
https://wpscan.com/vulnerability/367aad17-fbb5-48eb-8829-5d3513098d02/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact