CVE-2024-30199

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 27, 2024
CWE ID 79

Summary

CVE-2024-30199 is a Cross-Site Scripting (XSS) vulnerability affecting the WP-Lister Lite for Amazon plugin from version n/a through 2.6.8. An attacker can exploit this improper neutralization of user input during web page generation to inject malicious scripts into a webpage, potentially stealing user data or taking control of their sessions. This issue poses a significant risk to users of the affected plugin and requires an immediate upgrade to a patched version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share