CVE-2024-56226

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 31, 2024
CWE ID 79

Summary

CVE-2024-56226 is a Cross-site Scripting (XSS) vulnerability affecting WP Royal's Royal Elementor Addons. The flaw, which involves improper neutralization of user input during web page generation, can enable Reflected XSS attacks. This issue poses a significant security risk, as attackers can inject malicious scripts into a victim's web browser and potentially steal sensitive data or perform unauthorized actions. The vulnerability affects Royal Elementor Addons versions from n/a through 1.7.1001. Users are strongly advised to update to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share