CVE-2024-53796

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 6, 2024
CWE ID 79

Summary

CVE-2024-53796 is a Cross-site Scripting (XSS) vulnerability affecting Themesflat Addons For Elementor. This issue, specifically a DOM-Based XSS, occurs during the generation of web pages in the plugin. The vulnerability allows attackers to inject malicious scripts into a victim's browser, potentially leading to data theft or unauthorized account access. The impacted versions of Themesflat Addons For Elementor span from n/a to 2.2.2. Users are urged to update their plugins as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share