CVE-2024-56221

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 31, 2024
CWE ID 79

Summary

CVE-2024-56221 is a Cross-site Scripting (XSS) vulnerability affecting the WPMozo Addons Lite for Elementor plugin. The flaw, which is classified as an Improper Neutralization of Input During Web Page Generation issue, enables attackers to inject malicious scripts into web pages viewed by other users. This vulnerability can lead to stolen session tokens or other sensitive data, and occurs in the plugin version from n/a through 1.2.0. Users are advised to update the plugin to the latest version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share