WordPress Photo Video Store plugin <= 21.07 - CSRF to Cross Site Scripting (XSS) vulnerability
CVE-2024-53782
7.1HIGH
What is CVE-2024-53782?
The CSRF vulnerability in CMSaccount's Photo Video Store allows malicious actors to exploit the application by tricking users into executing unwanted actions. This vulnerability can lead to the potential execution of Cross-Site Scripting (XSS) attacks, compromising user accounts and sensitive data. Affected versions include all prior to 21.07, highlighting essential mitigation measures for users to secure their installations.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Photo Video Store <= 21.07
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
SOPROBRO (Patchstack Alliance)