cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10017,https://securityvulnerability.io/vulnerability/CVE-2024-10017,Stored Cross-Site Scripting via SVG File uploads in Mime Config plugin,"The PJW Mime Config plugin for WordPress is susceptible to a Stored Cross-Site Scripting vulnerability through SVG file uploads. This issue arises from inadequate input sanitization and output escaping processes present in the plugin. Authenticated users with Author-level access or higher can exploit this vulnerability to inject arbitrary web scripts into pages, compromising user interactions whenever the SVG file is accessed. This security risk underscores the importance of robust input handling mechanisms within WordPress plugins to protect against malicious script injections.",Wordpress,Pjw Mime Config,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-16T03:20:44.022Z,0