cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12328,https://securityvulnerability.io/vulnerability/CVE-2024-12328,Stored Cross-Site Scripting Vulnerability in MAS Elementor Plugin for WordPress,"The MAS Elementor plugin for WordPress contains a vulnerability that enables stored Cross-Site Scripting (XSS) attacks via SVG file uploads. This flaw exists due to inadequate input sanitization and output escaping, allowing authenticated users with Author-level access and above to inject malicious scripts into web pages. When other users access the affected SVG files, the embedded scripts execute, potentially compromising user security and privacy.",Wordpress,Mas Elementor,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-08T08:18:16.153Z,0