CVE-2024-34573

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published May 8, 2024

CWE ID 79

Summary

CVE-2024-34573 is a Cross-site Scripting (XSS) vulnerability affecting the Pootlepress Pootle Pagebuilder plugin for WordPress. The flaw, which allows stored XSS attacks, can be exploited by malicious actors to inject malicious scripts into a targeted website. Successful exploitation could lead to unauthorized access, data theft, or site defacement. The vulnerability affects all versions of Pootle Pagebuilder from none through 5.7.1. Users are urged to update their plugins to a patched version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vzGAyO
https://www.cve.org/CVERecord?id=CVE-2024-34573
https://nvd.nist.gov/vuln/detail/CVE-2024-34573

Back to Vulnerability Database

CVE-2024-34573

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations