CVE-2024-47624
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-47624 is a Cross-Site Scripting (XSS) vulnerability affecting the BSK Forms Blacklist plugin, specifically versions up to 3.8.1. This flaw allows for reflected XSS attacks and poses a high risk, with a CVSS base score of 7.1, as it requires user interaction but does not require elevated privileges. The potential impact includes unauthorized access to user sessions and data manipulation through network-based attacks, although the integrity and confidentiality impact is assessed as low. Organizations using affected versions of the plugin should remediate the issue by updating to a patched version as recommended by security advisories. Further information can be found in related resources such as Patchstack's vulnerability database.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.