CVE-2023-44984

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 16, 2023
Updated: Oct 19, 2023
CWE ID 79

Summary

CVE-2023-44984 is a stored Cross-Site Scripting (XSS) vulnerability affecting the Robin Wilson bbp style pack plugin versions 5.6.7 and below. An attacker can exploit this flaw by injecting malicious scripts into a contributor's post or comment, which, when viewed by other users, may execute the code and potentially steal sensitive data or take control of the affected website. The vulnerability poses a significant risk to websites using the affected plugin and should be addressed immediately by updating to a secure version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share