CVE-2024-53737

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 28, 2024
CWE ID 79

Summary

CVE-2024-53737 is a Cross-site Scripting (XSS) vulnerability affecting WP Mailster, an email marketing plugin for WordPress. The flaw, which permits Stored XSS attacks, is located in the plugin's web page generation process. This weakness can be exploited by attackers to inject malicious scripts into a targeted website, potentially stealing user data or taking control of user sessions. This vulnerability can impact installations of WP Mailster from undisclosed versions up to and including 1.8.16.0. It is crucial for users to update their WP Mailster plugin to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share