CVE-2024-9883
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2024-9883 is a vulnerability affecting the Pods WordPress plugin before version 3.2.7.1. The issue arises from insufficient sanitization and escaping of some settings within the plugin. High privilege users, including admins, can exploit this flaw to perform Stored Cross-Site Scripting attacks, bypassing the restriction of the unfiltered_html capability, even in multisite setups. This vulnerability poses a significant risk, as successful exploitation could lead to unauthorized script injection and potential site takeover. It is recommended to update the Pods plugin to the latest version to mitigate this issue.