PT-2024-36593 · WordPress · My Wp Customize Admin/Frontend
Published
2024-12-17
·
Updated
2024-12-17
·
CVE-2024-55864
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
My WP Customize Admin/Frontend versions prior to 1.24.1
Description
A cross-site scripting issue exists, allowing an arbitrary script to be executed on the web browser of other users who access a page customized by a malicious administrative user with malicious content.
Recommendations
For My WP Customize Admin/Frontend versions prior to 1.24.1, update to version 1.24.1 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
My Wp Customize Admin/Frontend