CVE-2024-53812
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53812 is a Cross-Site Scripting (XSS) vulnerability affecting WP GeoNames, a WordPress plugin used for displaying geographical information. The flaw, which allows Reflected XSS attacks, is due to improper neutralization of user input during web page generation. This issue can potentially be exploited to inject malicious scripts into web pages viewed by other users, posing a threat to data confidentiality and integrity. WP GeoNames versions from n/a through 1.8 are reportedly impacted by this vulnerability. Users are strongly advised to update to the latest, secure version as soon as possible to protect against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.