PT-2023-19562 · Hu Manity.Co · Hu-Manity.Co Cookie Notice & Compliance For Gdpr / Ccpa

Rafie Muhammad

Published

2023-05-06

Updated

2023-05-10

CVE-2023-24400

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin versions <= 2.4.6

Description The issue is related to an Authenticated Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized actions on behalf of the user.

Recommendations For Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin versions <= 2.4.6, update to a version higher than 2.4.6 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-24400

Affected Products

Hu-Manity.Co Cookie Notice & Compliance For Gdpr / Ccpa

CVE-2023-24400

Weakness Enumeration

Related Identifiers

Affected Products

References · 4