CVE-2024-51685

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Nov 4, 2024
Updated: Nov 6, 2024
CWE ID 79

Summary

CVE-2024-51685 is a Cross-Site Scripting (XSS) vulnerability affecting the Accordion title component for Elementor, version n/a through 1.2.1. An attacker can exploit this flaw to inject malicious scripts into web pages generated by the Accordion title feature. The vulnerability stems from improper input neutralization, potentially leading to stored XSS attacks. Successful exploitation could result in unintended execution of attacker-supplied code within users' web browsers, posing a significant security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share