CVE-2024-13140 – Emlog Pro Cross-Site Scripting Vulnerability in Cover Upload Handler

1月 5, 2025
1:16 pm

CVE ID : CVE-2024-13140

Published : Jan. 5, 2025, 12:15 p.m. | 1 hour, 1 minute ago

Description : A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-13140 – Emlog Pro Cross-Site Scripting Vulnerability in Cover Upload Handler

Elvescore.io

Recent Posts

CVE-2024-12158 – MailChimp, GetResponse and ActiveCampaign Intergrations Plugin Unauthenticated Data Deletion

CVE-2024-12159 – Google Ads WordPress Plugin Information Exposure

CVE-2024-12170 – ViewMedica for WordPress CSRF Vulnerability

CVE-2024-12176 – WordLift Schema Vulnerability: Unauthenticated Plugin Settings Update

CVE-2024-12207 – “WordPress Toggles Shortcode and Widget Stored XSS”

CVE-2024-12208 – WordPress Backup Plugin CSRF

CVE-2024-13140 – Emlog Pro Cross-Site Scripting Vulnerability in Cover Upload Handler

CVE-2024-13140 – Emlog Pro Cross-Site Scripting Vulnerability in Cover Upload Handler