CVE-2024-31927

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Apr 11, 2024

CWE ID 79

Summary

CVE-2024-31927 is a Cross-site Scripting (XSS) vulnerability affecting the WP Login and Logout Redirect plugin, versions n/a through 1.2. An attacker can exploit this Improper Neutralization of Input vulnerability during web page generation to execute malicious scripts in users' browsers. The consequence is potential theft of user data or session hijacking. It is crucial that users update to the latest patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vUi05z
https://www.cve.org/CVERecord?id=CVE-2024-31927
https://nvd.nist.gov/vuln/detail/CVE-2024-31927

Back to Vulnerability Database

CVE-2024-31927

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations