CVE-2024-30559

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 31, 2024
Updated: Apr 1, 2024
CWE ID 79

Summary

CVE-2024-30558 is a Cross-site Scripting (XSS) vulnerability affecting the Michael Simpson Add Shortcodes plugin version 2.10 and below. Maliciously crafted input can be injected during web page generation, posing a risk of code execution in users' browsers. An attacker may leverage this flaw to steal sensitive information, conduct unauthorized actions, or redirect users to malicious websites. Users are advised to update the plugin to the latest version or consider alternative solutions to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share