CVE-2024-2864

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 25, 2024

CWE ID 121

Summary

CVE-2024-2864 is a Cross-site Scripting (XSS) vulnerability affecting the KaineLabs Youzify - Buddypress Moderation plugin. The issue lies in the way input is neutralized during web page generation. This means an attacker could inject malicious scripts into a webpage, allowing them to steal user data or take control of user sessions. The vulnerability affects versions of Youzify - Buddypress Moderation from n/a through 1.2.5, making it essential for users to update their plugins to the latest, secure version.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uzU3O0
https://www.cve.org/CVERecord?id=CVE-2024-2864
https://nvd.nist.gov/vuln/detail/CVE-2024-2864

Back to Vulnerability Database

CVE-2024-2864

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations