CVSS 3.1 Score 6.5 of 10 (medium)


Published Apr 24, 2024


A vulnerability with the CVE ID CVE-2024-32956 has been identified in Rometheme RomethemeKit For Elementor, specifically versions from n/a through 1.4.1. This vulnerability is categorized as a 'Cross-site Scripting' (XSS) issue, which allows for Stored XSS attacks. The risk score for this vulnerability is 25, indicating a medium level of severity. The base score is 6.5, with an impact score of 3.7. The exploitability score is 2.3, and the privileges required for exploitation are low. User interaction is required for the attack to be successful, and the attack vector is through the network. The integrity and confidentiality impacts are both low, as well as the availability impact. To remediate this vulnerability, it is recommended to update RomethemeKit For Elementor to a version that has addressed this issue. Organizations using vulnerable versions of this product should be cautious as it poses a potential danger due to the risk of unauthorized script injection and subsequent malicious activities that can compromise user data or lead to other security breaches.

(Note: This summary has been generated based on the information provided in the text and no additional sources have been used.)

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-32956 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options