PT-2024-34799 · Unknown · Microkid Custom Author Url
Soprobro
·
Published
2024-11-19
·
Updated
2024-11-23
·
CVE-2024-51655
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Microkid Custom Author URL versions n/a through 2.0.1
Description
A Cross-Site Request Forgery (CSRF) vulnerability allows Stored XSS. This issue can be exploited to perform malicious actions. Users are advised to update to the latest version to mitigate risks.
Recommendations
For versions n/a through 2.0.1, update to the latest version to resolve the issue.
As a temporary workaround, consider restricting access to the Custom Author URL plugin until a patch is available.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Microkid Custom Author Url