CVE-2024-53780
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Dec 2, 2024
CWE ID 352
Summary
CVE-2024-53780 represents a Cross-Site Request Forgery (CSRF) vulnerability found in the "Load More Posts" plugin by Rajeev Chauhan. Affecting versions from n/a to 1.4.0, this issue permits Stored XSS (Cross-Site Scripting) attacks. An attacker, upon successfully exploiting this flaw, can inject malicious scripts into a user's browser and gain unauthorized access to their session. This can lead to data theft or further system compromises. Users are advised to update the plugin to the latest version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share