CVE-2024-47624

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Oct 5, 2024
CWE ID 79

Summary

CVE-2024-47624 is a Cross-Site Scripting (XSS) vulnerability affecting the BSK Forms Blacklist plugin, specifically versions up to 3.8.1. This flaw allows for reflected XSS attacks and poses a high risk, with a CVSS base score of 7.1, as it requires user interaction but does not require elevated privileges. The potential impact includes unauthorized access to user sessions and data manipulation through network-based attacks, although the integrity and confidentiality impact is assessed as low. Organizations using affected versions of the plugin should remediate the issue by updating to a patched version as recommended by security advisories. Further information can be found in related resources such as Patchstack's vulnerability database.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share