CVE-2024-51657

Summary

CVE-2024-51657 is a newly discovered vulnerability that affects the Woopy Plugins SmartLink Dynamic URLs component. This issue is classified as a Cross-Site Request Forgery (CSRF) vulnerability, which can be exploited for Stored Cross-Site Scripting (XSS) attacks. The vulnerability resides within the SmartLink Dynamic URLs functionality, impacting versions from n/a to 1.1.0. Successful exploitation allows attackers to execute malicious scripts within the context of the affected website, potentially leading to unauthorized actions or data theft. Users are strongly advised to upgrade to the latest version of Woopy Plugins SmartLink Dynamic URLs as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.