CVE-2024-51705
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Nov 9, 2024
Updated: Nov 12, 2024
CWE ID 79
Summary
CVE-2024-51705 is a Cross-site Scripting (XSS) vulnerability affecting the WP MMenu Lite plugin. The issue stems from improper neutralization of user input during web page generation. Maliciously crafted data can be injected, potentially enabling attackers to execute scripts in users' browsers. This vulnerability affects WP MMenu Lite versions from n/a through 1.0.0. Successful exploitation could lead to data theft or unauthorized access, posing a significant security risk to WordPress sites using this plugin.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.