cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9619,https://securityvulnerability.io/vulnerability/CVE-2024-9619,Stored Cross-Site Scripting Vulnerability in WP SHAPES Plugin for WordPress,"The WP SHAPES plugin for WordPress is susceptible to a stored cross-site scripting (XSS) vulnerability due to inadequate input sanitization and output escaping. This vulnerability affects all versions up to and including 1.0.0, enabling authenticated attackers with Author-level access and higher to exploit the flaw by uploading SVG files containing malicious web scripts. These scripts can execute when unsuspecting users access the SVG files, posing significant security risks to the integrity of web pages and the safety of user data.",Wordpress,WP Shapes,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-12-20T06:59:07.849Z,0