{"uuid": "02f1c30e-c0dd-474a-b252-211e32351752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8046", "type": "seen", "source": "https://t.me/HackerArsenal/215", "content": "\u203c\ufe0f CVE-2024-8046 \u203c\ufe0f\n\nThe Logo Showcase Ultimate  Logo Carousel, Logo Slider  Logo Grid plugin for WordPress is vulnerable to Stored CrossSite Scripting via SVG File uploads in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Authorlevel access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-08-27T15:19:56.000000Z"}