CVE-2024-53737
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-53737 is a Cross-site Scripting (XSS) vulnerability affecting WP Mailster, an email marketing plugin for WordPress. The flaw, which permits Stored XSS attacks, is located in the plugin's web page generation process. This weakness can be exploited by attackers to inject malicious scripts into a targeted website, potentially stealing user data or taking control of user sessions. This vulnerability can impact installations of WP Mailster from undisclosed versions up to and including 1.8.16.0. It is crucial for users to update their WP Mailster plugin to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.