VYPR
Unrated severityNVD Advisory· Published Nov 14, 2024· Updated Nov 14, 2024

Simple File List < 6.1.13 - Reflected Cross-Site Scripting

CVE-2024-10146

Description

The Simple File List WordPress plugin before 6.1.13 does not sanitise and escape a generated URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against admins.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.