CVE-2024-30201

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 27, 2024

CWE ID 79

Summary

CVE-2024-30201 is a Cross-site Scripting (XSS) vulnerability affecting the WordPress Importer by Xylus Themes, from version n/a through 1.0.4. An attacker can exploit this issue by injecting malicious code during web page generation, resulting in reflected XSS. This vulnerability can potentially lead to unauthorized user actions, data theft, or website defacement. Users are advised to update their WordPress Importer component to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vDO_uS
https://www.cve.org/CVERecord?id=CVE-2024-30201
https://nvd.nist.gov/vuln/detail/CVE-2024-30201

Back to Vulnerability Database

CVE-2024-30201

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations