CVE-2024-47632
CVSS 3.1 Score 5.4 of 10 (medium)
Attack Complexity low
Scope changed
Confidentiality low
Integrity low
Privileges Required low
Availability none
Details
Published Oct 5, 2024
Updated: Mar 13, 2025
CWE ID 79
Summary
CVE-2024-47632 is an XSS (Cross-site Scripting) vulnerability affecting DethemeKit For Elementor. The flaw, which permits Stored XSS attacks, lies in the theme's web page generation process. Hackers can exploit this vulnerability to inject malicious scripts into a victim's webpage, potentially leading to data theft or unauthorized access. DethemeKit For Elementor versions from n/a up to 2.1.7 are reportedly vulnerable to this issue. Users are advised to update their theme to the latest version as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share