CVE-2024-32557

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 16, 2024

CWE ID 79

Summary

CVE-2024-32557 is a Cross-site Scripting (XSS) vulnerability affecting Exclusive Addons Elementor. The issue, which permits Stored XSS, occurs during web page generation. This means an attacker could inject malicious code into a webpage viewed by other users, potentially stealing sensitive information or taking control of their sessions. This vulnerability affects versions of Exclusive Addons Elementor from n/a through 2.6.9.2. Users are strongly urged to update to a secure version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaGtVV
https://www.cve.org/CVERecord?id=CVE-2024-32557
https://nvd.nist.gov/vuln/detail/CVE-2024-32557

Back to Vulnerability Database

CVE-2024-32557

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations