cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-2328,https://securityvulnerability.io/vulnerability/CVE-2024-2328,Stored Cross-Site Scripting Vulnerability in Media Library Folder & File Manager Plugin,"The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image title and alt text in all versions up to, and including, 4.22.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access and higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,Real Media Library: Media Library Folder & File Manager,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-02T16:52:42.916Z,0
CVE-2024-2027,https://securityvulnerability.io/vulnerability/CVE-2024-2027,Stored Cross-Site Scripting Vulnerability in Real Media Library Plugin for WordPress,"The Real Media Library plugin for WordPress allows for Stored Cross-Site Scripting due to inadequate input sanitization and output escaping in its style attributes. This vulnerability impacts all versions up to and including 4.22.7, enabling authenticated attackers with contributor access or higher to inject malicious web scripts. These scripts can execute whenever a user accesses a page that has been compromised, leading to potential unauthorized actions and data exposure.",Wordpress,Real Media Library: Media Library Folder & File Manager,6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T18:58:52.514Z,0
CVE-2023-0285,https://securityvulnerability.io/vulnerability/CVE-2023-0285,Real Media Library < 4.18.29 - Author+ Stored XSS,"The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.",Wordpress,Real Media Library: Media Library Folder & File Manager,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-02-21T09:15:00.000Z,0