CVE-2024-53747

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 1, 2024
CWE ID 79

Summary

CVE-2024-53747 is a Cross-Site Scripting (XSS) vulnerability affecting the NuttTaro Video Player for WPBakery. The flaw, identified as a Neutralization of Input issue, enables an attacker to inject malicious scripts into web pages generated by the player. Users running versions from n/a to 1.0.1 are at risk. A successful attack could lead to stolen session tokens or defacement of webpages, potentially exposing sensitive user data. It is highly recommended that affected users upgrade to the latest available version of the plugin to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share