CVE-2024-29763

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 27, 2024
CWE ID 79

Summary

CVE-2024-29763 is a vulnerability categorized as CWE-79 (Improper Neutralization of Input During Web Page Generation) and has a base severity rating of HIGH. It affects the WordPress Meta Data and Taxonomies Filter (MDTF) versions up to 1.3.3. The vulnerability allows for Reflected XSS (Cross-site Scripting) attacks. The exploitability score is 2.8, and the base score is 7.1 according to the CVSS:3.1 rating provided by audit@patchstack.com. The potential danger lies in the fact that an attacker can inject malicious code into web pages, leading to unauthorized access, data theft, or manipulation of user sessions. To remediate this vulnerability, users should update their WordPress MDTF to version 1.3.4 or later to patch the security issue and mitigate the risk of exploitation.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-29763 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options