Sploit.io - Search

Product: Z-Downloads, version: < 1.11.7

CVE-2024-8673

Severity: CRITICAL

Description: The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.

CVSS Score: N/A

Affected Products:

Unknown Z-Downloads - Versions: 0

References:

https://wpscan.com/vulnerability/fed2cd26-7ccb-419d-b589-978410953bf4/