CVE-2024-10103

Published Nov 19, 2024

Last updated 3 months ago

CVSS medium 6.1

Overview

Description: In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor
Source: contact@wpscan.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-79

Hype score: Not currently trending

CVE-2024-10103 In the process of testing the MailPoet WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by em… https://t.co/1cwxJ9EvNY
@CVEnew
19 Nov 2024
477 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References