CVE-2024-53717
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53717 is a newly disclosed vulnerability affecting the yPHPlista software, specifically versions from n/a to 1.1.1. This issue combines two serious threats: a Cross-Site Request Forgery (CSRF) weakness and a Stored Cross-Site Scripting (XSS) vulnerability. A successful exploit of the CSRF flaw could force unintended actions from a user, while the Stored XSS component enables an attacker to inject malicious scripts into web pages viewed by other users. The combination of these vulnerabilities poses a significant risk to the security of platforms utilizing the affected version of yPHPlista.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Yphplista Plugin
Affected Vendors
- WordPress