CVE-2024-9060

Published
CVSS v3: 6.4 (MEDIUM)
CVSS v2: N/A
Affected: 1 project

Description

The AVIF & SVG Uploader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in version 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

The AVIF support plugin aims to support AVIF images in WordPress by overcoming WordPress issues and limits regarding uploading, displaying and generating AVIF and SVG images.

Features

- Check your server status for AVIF support.
- Allow AVIF image uploads.
- Fix WP width and height failure.
- Fix AVIF sub-sizes generation.
- Fix AVIF downscale image generation.

To learn more about the WordPress issues the plugin solves, see this article: How to upload AVIF images in WordPress (https://grandplugins.com/how-to-upload-avif-images-in-wordpress/?utm_source=wp)
WordPress Plugin Directory
26.6K