CVE-2024-11918
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 28, 2024
CWE ID 862
Summary
CVE-2024-11918: Inept capability checks in the Image Alt Text plugin for WordPress, affecting versions up to 2.0.0, expose a vulnerability. Authenticated attackers with subscriber-level access or higher can exploit this issue by modifying alt text on arbitrary images, as the iat_add_alt_txt_action and iat_update_alt_txt_action AJAX functions lack adequate security measures. This could lead to potential misrepresentation or manipulation of image data.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share