CVE-2024-53777
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53777 is a newly disclosed vulnerability in Alberto Reineri's Simple Header and Footer plugin, in which a Cross-Site Request Forgery (CSRF) weakness leads to Stored Cross-Site Scripting (XSS). The issue affects all versions of the plugin up to and including 1.0.0 and potentially exposes its users to malicious scripts injected into the web pages they visit. Successful exploitation of this CSRF-driven XSS vulnerability could result in unauthorized data access or manipulation, and potentially site takeover. Systems running the vulnerable plugin should be patched immediately to mitigate this risk.