CVE-2024-54442

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Dec 16, 2024

CWE ID 79

Summary

CVE-2024-54442 is a Cross-site Scripting (XSS) vulnerability affecting the Better WP Login Page plugin. The flaw, designated as an Improper Neutralization of Input During Web Page Generation issue, allows attackers to inject malicious scripts into the login page. These scripts can be stored and executed on unsuspecting users' browsers when they visit the affected site. This vulnerability affects Better WP Login Page versions from n/a through 1.1.2.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KUxx9
https://www.cve.org/CVERecord?id=CVE-2024-54442
https://nvd.nist.gov/vuln/detail/CVE-2024-54442

Back to Vulnerability Database

CVE-2024-54442

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations