CVE-2024-53747
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Dec 1, 2024
CWE ID 79
Summary
CVE-2024-53747 is a Cross-Site Scripting (XSS) vulnerability affecting the NuttTaro Video Player for WPBakery. The flaw, identified as a Neutralization of Input issue, enables an attacker to inject malicious scripts into web pages generated by the player. Users running versions from n/a to 1.0.1 are at risk. A successful attack could lead to stolen session tokens or defacement of webpages, potentially exposing sensitive user data. It is highly recommended that affected users upgrade to the latest available version of the plugin to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share