Reflected XSS Vulnerability in Ajax Content Filter
CVE-2024-51717

7.1HIGH

Key Information:

Vendor: WordPress
Status: Ajax Content Filter
Vendor: CVE Published:; 9 November 2024

What is CVE-2024-51717?

The vulnerability in the Perception System Ajax Content Filter arises from improper neutralization of input during web page generation, specifically resulting in reflected cross-site scripting (XSS). This flaw permits an attacker to inject malicious scripts into webpages viewed by users, which can lead to unauthorized actions, data theft, or further compromise of the affected systems. The vulnerability impacts all versions of the Ajax Content Filter up to 1.0, warranting immediate attention from users to mitigate potential exploitation.

Affected Version(s)

Ajax Content Filter <= 1.0

References

https://patchstack.com/database/vulnerability/ajax-conten...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 9, 2024
Vulnerability Reserved
Oct 30, 2024

Credit

thiennv (Patchstack Alliance)

JSON