CVE-2024-2702

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Mar 20, 2024

CWE ID 362

Summary

CVE-2024-2702 is a Missing Authorization vulnerability affecting Olive Themes Olive One Click Demo Import. An attacker can exploit this issue by importing settings and data, resulting in Cross-Site Scripting (XSS) attacks. This vulnerability allows unauthorized access, potentially leading to data theft or website defacement. The affected version range is from n/a to 1.1.1. Users are advised to update to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uk51G4
https://www.cve.org/CVERecord?id=CVE-2024-2702
https://nvd.nist.gov/vuln/detail/CVE-2024-2702

Back to Vulnerability Database

CVE-2024-2702

CVSS 3.1 Score 7.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations