CVE-2023-37388
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2023-37388 represents a stored Cross-Site Scripting (XSS) vulnerability affecting version 2.0 of the Sudipto Pratap Mahato Simple Light Weight Social Share plugin. This issue enables an attacker, with administrative privileges, to inject malicious code into the plugin's input fields. The exploitation of this flaw can lead to unauthorized script execution on the affected website, potentially resulting in data theft, session hijacking, or other forms of unintended access. To mitigate this risk, users are advised to upgrade to the latest version or patch of the plugin, as soon as it becomes available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.