CVE-2024-54255
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 601
Summary
CVE-2024-54255 is a newly disclosed Open Redirect vulnerability affecting the Login Widget With Shortcode on aviplugins.com. This issue permits an attacker to redirect users to untrusted sites, potentially leading to phishing attacks. Affected versions of the plugin range from not available to 6.1.2. Users are advised to update to the latest patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share