Unrated severityNVD Advisory· Published Jan 30, 2025· Updated Jan 30, 2025
GoodLayers Core < 2.1.3 - Subscriber+ Stored XSS via SVG Upload
CVE-2024-12163
Description
The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.1.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ea704054-fb66-4014-89bd-1c61074f64e5/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.