CVE-2024-47629

Summary

CVE-2024-47629 is a Cross-site Scripting (XSS) vulnerability affecting the BdThemes Ultimate Store Kit Elementor Addons, specifically versions up to 2.0.5. This vulnerability allows for stored XSS attacks, posing a medium-level risk with an exploitability score of 2.3 and requiring low privileges and user interaction to exploit. Organizations using the affected plugin may face integrity and confidentiality impacts, although these are considered low. To remediate this vulnerability, it is recommended that users update to the latest version of the Ultimate Store Kit Elementor Addons, addressing the improper neutralization of input during web page generation. Detailed information on this issue can be found in resources such as Patchstack’s vulnerability database.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.