CVE-2024-47643

Summary

CVE-2024-47643 is a stored Cross-site Scripting (XSS) vulnerability found in the Include Fussball.De Widgets plugin, affecting versions up to 4.0.0. The vulnerability allows attackers to inject malicious scripts into web pages, which could compromise user data and disrupt website functionality. It has a medium severity rating with a CVSS base score of 6.5, requiring low privileges for exploitation and user interaction to execute the attack. To remediate this issue, users should update the plugin to the latest version available or apply any patches provided by the vendor. Organizations utilizing this affected plugin may face risks such as data theft or unauthorized actions taken on behalf of legitimate users due to this security flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.