PT-2024-30417 · WordPress · Mybooktable Bookstore
Majed Refaea
·
Published
2024-08-26
·
Updated
2024-09-17
·
CVE-2024-43255
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
MyBookTable Bookstore versions 3.3.9 and earlier
Description
The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Cross-Site Scripting (XSS) in the MyBookTable Bookstore plugin for WordPress. Users are advised to upgrade to the latest version to mitigate risks.
Recommendations
For MyBookTable Bookstore versions 3.3.9 and earlier, upgrade to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the plugin until the issue is resolved.
Fix
XSS
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mybooktable Bookstore