Webcodin WP Visual Adverts - Reflected XSS Vulnerability
CVE-2024-51707
7.1HIGH
Summary
The vulnerability in Webcodin's WP Visual Adverts allows attackers to exploit improper neutralization of input during web page generation, leading to reflected cross-site scripting (XSS) attacks. This issue primarily affects versions from n/a to 2.3.0, potentially enabling an attacker to inject malicious scripts into web pages viewed by users. Such vulnerabilities can facilitate unauthorized actions and the theft of sensitive information, making it crucial for website administrators to apply necessary patches and updates to mitigate associated risks.
Affected Version(s)
WP Visual Adverts <= 2.3.0
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance)