CVE-2024-43123

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 12, 2024

Updated: Aug 13, 2024

CWE ID 79

Summary

CVE-2024-43123 is a newly disclosed Cross-site Scripting (XSS) vulnerability affecting the Techeshta Card Elements for Elementor plugin. The flaw, which permits Stored XSS attacks, resides within the plugin's web page generation process. Hackers can exploit this vulnerability to inject malicious scripts into a targeted website, potentially stealing user data or taking control of the site. This issue has been reported to affect Card Elements for Elementor versions from n/a up to and including 1.2.2. It is crucial that users update their plugins to the latest version or consider alternative solutions to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database