CVE-2024-51893

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024

CWE ID 79

Summary

CVE-2024-51893 is a Cross-site Scripting (XSS) vulnerability affecting the Postify: Post Layout For Elementor plugin. The issue lies in the theme's failure to neutralize user input during web page generation. An attacker can exploit this weakness to inject malicious scripts into a victim's webpage, potentially stealing sensitive data or taking control of their account. This vulnerability exists in Postify: Post Layout For Elementor versions from n/a to 1.0.1. It is crucial that users update to a patched version as soon as possible to mitigate the risks associated with this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0ME7qm
https://www.cve.org/CVERecord?id=CVE-2024-51893
https://nvd.nist.gov/vuln/detail/CVE-2024-51893

Back to Vulnerability Database

CVE-2024-51893

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations