CVE-2024-43125

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 12, 2024

Updated: Aug 13, 2024

CWE ID 79

Summary

CVE-2024-43125 is a newly disclosed Cross-Site Scripting (XSS) vulnerability affecting WP Table Builder, a popular WordPress table plugin. The flaw, located in the plugin's web page generation process, allows malicious scripts to be stored and executed within a user's browser when viewing a table created with the affected plugin. This can lead to unauthorized access to sensitive data, session hijacking, or other malicious activities. The vulnerability impacts all versions of WP Table Builder from the unspecified n/a through 1.4.15. It is crucial for users to update to the latest version or consider alternative solutions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database