CVE-2024-8801
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-8801 affects the Happy Addons for Elementor plugin for WordPress, with all versions up to and including 3.12.2 being vulnerable to sensitive information exposure through the Content Switcher widget. This vulnerability allows authenticated attackers with Contributor-level access or higher to retrieve sensitive data, such as private and draft Elementor templates. To remediate this issue, users are advised to update the plugin to the latest version. The potential danger includes unauthorized access to confidential information, which poses a medium risk to an organization's data security. The exploitability score is rated at 2.8, indicating low privileges required and no user interaction necessary for exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.