CVE-2024-33649

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 29, 2024

CWE ID 79

Summary

CVE-2024-33649 is a Cross-site Scripting (XSS) vulnerability affecting Opal Widgets For Elementor. The flaw, which is described as an "Improper Neutralization of Input During Web Page Generation," enables attackers to inject malicious scripts into affected websites. This issue can lead to Stored XSS attacks, allowing attackers to execute malicious code even after the initial vulnerable page has been loaded. The vulnerability affects Opal Widgets For Elementor from version n/a through 1.6.9.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vmgyCs
https://www.cve.org/CVERecord?id=CVE-2024-33649
https://nvd.nist.gov/vuln/detail/CVE-2024-33649

Back to Vulnerability Database

CVE-2024-33649

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations