cbcvebase.
CVE-2024-10515
published 2024-11-20

CVE-2024-10515: In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on…

PriorityP415low3.5CVSS 3.1
AVNACLPRHUIRSUCLILAN
EPSS
0.30%
22.0th percentile
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor

Affected

1 ranges
VendorProductVersion rangeFixed in
squirrlyseo_plugin_by_squirrly_seo< 12.3.2112.3.21
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.