CVSS 3.1 Score 6.5 of 10 (medium)


Published Mar 31, 2024
Updated: Apr 1, 2024


CVE-2024-31104 is a vulnerability that affects GetResponse for WordPress versions prior to 5.5.33, allowing for Stored Cross-Site Scripting (XSS) attacks. The vulnerability is categorized as CVE-79, which refers to the improper neutralization of input during web page generation. The base severity of this vulnerability is rated as MEDIUM, with a base score of 6.5. Exploiting this vulnerability requires low privileges and user interaction, with a low impact on integrity and confidentiality. The attack vector is through the network, and the availability impact is also low. To remediate this vulnerability, organizations should update their GetResponse for WordPress to version 5.5.33 or later to mitigate the risk of XSS attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.


Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-31104 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions