CVE-2024-10493
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-10493 is a vulnerability affecting the Elementor Addons plugin for WordPress. Before version 5.10.3, the plugin failed to validate and escape certain block options, making them susceptible to Stored Cross-Site Scripting attacks. Contributors and users with higher roles could potentially inject malicious scripts into pages or posts by exploiting this flaw. This issue poses a serious security risk, as unintended code execution could lead to data theft, unauthorized access, and other malicious activities. To mitigate this risk, it is highly recommended that users update the Elementor Addons plugin to the latest version as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.