CVE-2024-10515

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

Summary

CVE-2024-10515 is a newly disclosed vulnerability affecting the Squirrly SEO plugin for WordPress before version 12.3.21. An attacker can exploit this issue to execute Stored Cross-Site Scripting (XSS) attacks. By embedding malicious scripts, they gain the ability to take over editor accounts, potentially leading to unauthorized access and data breaches. This vulnerability can be exploited through specially crafted input, posing a significant threat to websites using the affected plugin.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Squirrly

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/z_MVPs
https://www.cve.org/CVERecord?id=CVE-2024-10515
https://nvd.nist.gov/vuln/detail/CVE-2024-10515

Back to Vulnerability Database

CVE-2024-10515

CVSS 3.1 Score 3.5 of 10 (low)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations