CVE-2024-53777

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 352

Summary

CVE-2024-53777 is a newly disclosed vulnerability in the Simple Header and Footer plugin by Alberto Reineri, in which a Cross-Site Request Forgery (CSRF) weakness leads to Stored Cross-Site Scripting (XSS). All versions up to and including 1.0.0 are affected, potentially exposing users of the plugin to malicious scripts injected into web pages they visit. Successful exploitation of this CSRF-driven XSS vulnerability could result in unauthorized data access or manipulation, and even potential site takeover. Systems running the vulnerable plugin should be patched immediately to mitigate this risk.
