CVE-2024-43275

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Aug 15, 2024
CWE ID 352

Summary

CVE-2024-43275 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Insert PHP Code Snippet feature in Xyzscripts. This issue allows malicious actors to manipulate the actions of an unsuspecting user, potentially leading to unauthorized changes or data theft. The vulnerability exists from version n/a to 1.3.6 of Insert PHP Code Snippet. Users are urged to update to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Insert PHP Code Snippet Plugin

Affected Vendors

  • WordPress