Lucene search
HistoryApr 26, 2024 - 2:15 p.m.
CVE-2024-3076
cve-2024-3076
csrf
sanitisation
escaping
stored xss
wordpress plugin
security vulnerability
The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
Related
cve
cve
CVE-2024-3076
2024-04-26 14:15:07
wpvulndb
wpvulndb
MM-email2image <= 0.2.5 - Stored XSS via CSRF
2024-04-05 00:00:00
cvelist
cvelist
CVE-2024-3076 MM-email2image <= 0.2.5 - Stored XSS via CSRF
2024-04-26 13:23:08
wpexploit
wpexploit
MM-email2image <= 0.2.5 - Stored XSS via CSRF
2024-04-05 00:00:00
wordfence
wordfence