CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

May 22, 2025

CVE ID : CVE-2024-9544

Published : May 22, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4280 – Poedit for MacOS Privilege Escalation Vulnerability

Next Article Unlearning or Obfuscating? Jogging the Memory of Unlearned LLMs via Benign Relearning

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Windows 11 is getting AI Actions in File Explorer — here’s how to try them right now

Is The Alters on Game Pass?

I asked Copilot’s AI to predict the outcome of the Europa League final, and now I’m just sad

Celebrating GAAD by Committing to Universal Design: Equitable Use

Celebrating GAAD by Committing to Universal Design: Equitable Use

GAAD and Universal Design in Healthcare – A Deeper Look

GAAD and Universal Design in Pharmacy – A Deeper Look

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

Windows 11 is getting AI Actions in File Explorer — here’s how to try them right now

Is The Alters on Game Pass?

CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-3111 – GitLab Kubernetes Denial of Service Vulnerability

Anti-Money Laundering and Fraud Prevention With MongoDB Vector Search and OpenAI

VMware Workstation Pro Update Brings Linux Fixes

OpenAI’s “Google killer” AI-powered search experience is now freely available for everyone — you’ll no longer need an account or $20 subscription plan, but don’t ask silly questions either

AsianCrush Downloader: 3 Apps to Enjoy Limitless Videos Offline!

This AI Paper Explores the Extent to which LLMs can Self-Improve their Performance as Agents in Long-Horizon Tasks in a Complex Environment Using the WebArena Benchmark

Firefox to Use AI to Generate Link Previews on Hover: Hands-On

Understanding the :root Selector and CSS Variables

LLM-as-a-judge on Amazon Bedrock Model Evaluation

CVE-2024-9544 – MapSVG WordPress Stored Cross-Site Scripting Vulnerability

Related Posts