CVE-2024-32530

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 17, 2024

CWE ID 79

Summary

CVE-2024-32530 is a Cross-site Scripting (XSS) vulnerability affecting the Simple Testimonials Showcase plugin from version n/a through 1.1.5. An attacker can inject malicious scripts into web pages generated by this plugin, potentially stealing user data or taking control of user sessions. This issue occurs due to improper neutralization of user input, making it crucial for affected users to update to the latest plugin version and implement Content Security Policy (CSP) headers to mitigate risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaGGmm
https://www.cve.org/CVERecord?id=CVE-2024-32530
https://nvd.nist.gov/vuln/detail/CVE-2024-32530

Back to Vulnerability Database

CVE-2024-32530

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations