CVE-2024-10515

Published: Nov 20, 2024

Modified: Nov 20, 2024

PUBLISHED

Description

In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor

Vendor	Product	Versions
Unknown	SEO Plugin by Squirrly SEO	affected `0 - < 12.3.21`

References

https://wpscan.com/vulnerability/367aad17-fbb5-48eb-8829-5d3513098d02/

exploit

vdb-entry

technical-description

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-10515

Description

Affected Products

References