CVE-2024-1977 Report - Details, Severity, & Advisories

Twingate Team

May 3, 2024

CVE-2024-1977 is a medium-severity vulnerability affecting the Restaurant Solutions – Checklist plugin for WordPress, specifically version 1.0.0. This Stored Cross-Site Scripting (XSS) vulnerability allows authenticated attackers with administrator-level access to inject arbitrary web scripts into pages, which can then execute when a user accesses the affected page. The vulnerability primarily impacts multi-site installations and installations where unfiltered_html has been disabled.

How do I know if I'm affected?

If you're using the Restaurant Solutions – Checklist plugin for WordPress, specifically version 1.0.0, you might be affected by the vulnerability. This Stored Cross-Site Scripting (XSS) vulnerability allows attackers with administrator-level access to inject web scripts into pages, which can then execute when a user accesses the affected page. It primarily impacts multi-site installations and installations where unfiltered_html has been disabled. Signs of being affected could include unexpected behavior of the application, such as unauthorized actions being performed, session tokens or login credentials being stolen, and keystrokes being logged.
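A read-only check for the conditions described above, as an added example that is not part of the original advisory or the plugin's code: it reads the plugin header version and looks for the standard WordPress `MULTISITE` and `DISALLOW_UNFILTERED_HTML` constants in wp-config.php. The sample site, its directory and file names, and matching the plugin by its header name are assumptions.

```python
import re
import tempfile
from pathlib import Path

AFFECTED_VERSION = "1.0.0"  # the only affected version the advisory names
HEADER_RE = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.M | re.I)
COMMENT_RE = re.compile(r"/\*.*?\*/|^[ \t]*(?://|#)[^\n]*", re.S | re.M)

def plugin_headers(php_file):
    """Return lower-cased 'Plugin Name' / 'Version' header fields from the first 8 KB."""
    head = php_file.read_text(encoding="utf-8", errors="replace")[:8192]
    return {key.lower(): value for key, value in HEADER_RE.findall(head)}

def is_defined_true(config_text, constant):
    """True if define('<constant>', true) appears outside block and whole-line comments."""
    code = COMMENT_RE.sub("", config_text)
    pattern = r"define\s*\(\s*['\"]%s['\"]\s*,\s*(?i:true|1)\s*\)" % re.escape(constant)
    return re.search(pattern, code) is not None

def assess(wp_root):
    """Check one WordPress tree against the conditions the advisory states."""
    root, version = Path(wp_root), None
    for php in sorted((root / "wp-content" / "plugins").glob("*/*.php")):
        fields = plugin_headers(php)
        name = fields.get("plugin name", "").lower()
        # Assumption: the header name matches the advisory's display name.
        if "restaurant solutions" in name and "checklist" in name:
            version = fields.get("version")
            break
    config = root / "wp-config.php"
    text = config.read_text(encoding="utf-8", errors="replace") if config.exists() else ""
    multisite, no_unfiltered = (is_defined_true(text, c) for c in ("MULTISITE", "DISALLOW_UNFILTERED_HTML"))
    affected = version == AFFECTED_VERSION
    return {"version": version, "affected_version": affected, "multisite": multisite,
            "unfiltered_html_disabled": no_unfiltered,
            "impacted": affected and (multisite or no_unfiltered)}

def build_sample_site(root, version, config_lines):
    """Write a constructed WordPress tree; directory and file names are made up."""
    plugin = Path(root) / "wp-content" / "plugins" / "example-checklist-dir"
    plugin.mkdir(parents=True)
    header = f"<?php\n/**\n * Plugin Name: Restaurant Solutions – Checklist\n * Version: {version}\n */\n"
    (plugin / "main.php").write_text(header, encoding="utf-8")
    (Path(root) / "wp-config.php").write_text("<?php\n" + "\n".join(config_lines) + "\n", encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp, "1.0.0", ["define( 'DISALLOW_UNFILTERED_HTML', true );"])
        print(assess(tmp))
```

Point `assess()` at a real WordPress root to get the same report; it only reads files and changes nothing.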

What should I do if I'm affected?

If you're affected by the vulnerability, it's important to take action to protect your WordPress site. Unfortunately, there's no known patch available. As a precaution, consider uninstalling the affected Restaurant Solutions – Checklist plugin (version 1.0.0) and finding a suitable replacement. Stay informed about vulnerabilities by signing up for updates from security resources like Wordfence.

Is CVE-2024-1977 in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2024-1977 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This security issue affects the Restaurant Solutions – Checklist plugin for WordPress, version 1.0.0, and allows attackers with administrator-level access to inject harmful web scripts into pages. The vulnerability primarily impacts multi-site installations and installations where unfiltered_html has been disabled. No specific required action, date added, or due date is mentioned for this vulnerability.

Weakness enumeration

The weakness behind CVE-2024-1977 is Stored Cross-Site Scripting: the Restaurant Solutions – Checklist plugin allows harmful scripts to be inserted into pages by people with admin access.

For more details

CVE-2024-1977 is a Stored Cross-Site Scripting vulnerability in the Restaurant Solutions – Checklist plugin for WordPress, version 1.0.0. To learn more about its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.
