cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9118,https://securityvulnerability.io/vulnerability/CVE-2024-9118,Stored Cross-Site Scripting Vulnerability in Dark Mode Plugin,"The QS Dark Mode Plugin for WordPress has a vulnerability that allows stored cross-site scripting through SVG file uploads due to inadequate input validation and output escaping mechanisms. Authenticated attackers with Author-level access or higher can exploit this flaw to inject arbitrary web scripts, which are executed when users access the compromised SVG files. This vulnerability presents a significant security risk, as it can lead to unauthorized actions and the exposure of sensitive user information.",Wordpress,Qs Dark Mode Plugin,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-01T09:30:31.139Z,0