CVE-2024-13056

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Jan 27, 2025

Summary

CVE-2024-13056 is a Reflected Cross-Site Scripting vulnerability affecting the Dyn Business Panel WordPress plugin up to version 1.0.0. This issue arises due to insufficient input validation, allowing an attacker to inject malicious scripts into a webpage. The exploit can target high-privilege users, such as admins, making it a significant security risk. Attackers could use this vulnerability to steal sensitive information, manipulate data, or even gain administrative control of the affected WordPress site. Site owners are strongly advised to update the plugin to the latest version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2C3PzG
https://www.cve.org/CVERecord?id=CVE-2024-13056
https://nvd.nist.gov/vuln/detail/CVE-2024-13056

Back to Vulnerability Database

CVE-2024-13056

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations