CM Tooltip Glossary Vulnerable to Stored XSS
CVE-2024-48041
6.5MEDIUM
What is CVE-2024-48041?
The CM Tooltip Glossary plugin by CreativeMindsSolutions is susceptible to a Stored Cross-site Scripting (XSS) vulnerability, which arises from improper neutralization of user input during web page generation. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access to sensitive information and data manipulation. Affected versions include all versions prior to 4.3.9, posing a significant risk to websites utilizing this plugin. Website administrators are urged to evaluate their installations and apply appropriate security measures to mitigate the risk associated with this vulnerability.
Affected Version(s)
CM Tooltip Glossary <= 4.3.9