CVE-2024-53744

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 1, 2024
CWE ID 79

Summary

CVE-2024-53744 is a Cross-Site Scripting (XSS) vulnerability affecting the Skybootstrap Elementor Image Gallery Plugin. The flaw, which permits Stored XSS attacks, occurs due to improper neutralization of user input during web page generation. This issue poses a significant risk as it allows malicious actors to inject malicious scripts into a targeted website, potentially resulting in data theft or unauthorized user actions. The vulnerability exists in versions of the Elementor Image Gallery Plugin from n/a through 1.0.3. To mitigate this risk, it is recommended that users upgrade to the latest available version of the plugin as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share