CVE-2024-53723
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53723 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Google Plus Share and +1 Button. This issue permits Stored XSS (Cross-Site Scripting) attacks. An adversary can exploit this weakness by tricking a user into clicking a malicious link containing a malicious script. As a result, the attacker can inject and execute malicious code in the victim's web browser, posing a significant security threat. The vulnerability affects versions of Google Plus Share and +1 Button ranging from n/a to 1.0. Users are advised to update their applications as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Google Plus Share And 1 Button Plugin
Affected Vendors
- WordPress