Cross-site Scripting Vulnerability in Ultimate Flipbox Addon for Elementor by aniketji007
CVE-2024-51870
6.5MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 19 November 2024
What is CVE-2024-51870?
A Cross-site Scripting (XSS) vulnerability exists in the Ultimate Flipbox Addon for Elementor developed by aniketji007. This vulnerability arises from improper neutralization of user input during web page generation, allowing for stored XSS attacks. Malicious actors could exploit this flaw to inject harmful scripts into web pages viewed by unsuspecting users. This issue affects all versions of the Ultimate Flipbox Addon up to .4, posing a significant risk to websites using this addon.
Affected Version(s)
Ultimate Flipbox Addon for Elementor 0 <= 1.0.4