WordPress Kodex Posts likes plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-43217
7.1HIGH
What is CVE-2024-43217?
A security vulnerability exists in the Kodex Posts Likes plugin by Pierre Lebedel, allowing an improper neutralization of input that results in a reflected cross-site scripting (XSS) issue. This vulnerability affects users utilizing versions from n/a through 2.5.0 and can lead to unauthorized access or manipulation of user data within the web application. Attackers may exploit this vulnerability by crafting malicious payloads that, when executed, could compromise the integrity of user sessions and web security.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Kodex Posts likes <= 2.5.0
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Credit
Dmitriy Prokhorov (Patchstack Alliance)