2024-11-18
This blog post details a vulnerability (CVE-2024-51590) in Hoo Addons for Elementor, a WordPress plugin.
:
Platform: WordPress (Hoo Addons for Elementor plugin)
Version: Up to 1.0.6
Vulnerability: Cross-Site Scripting (XSS)
Severity: Not yet determined (CVSS information is undergoing analysis)
Date: November 9th, 2024 (publicly disclosed)
What Undercode Says:
This vulnerability allows attackers to inject malicious scripts into web pages built with Hoo Addons for Elementor. These scripts could then be used to steal user data, redirect users to malicious websites, or deface websites.
We recommend that users of Hoo Addons for Elementor update to the latest version (if available) or disable the plugin until a patch is released.
Additional Notes:
More information on the vulnerability can be found on the National Vulnerability Database (NVD) at [link to NVD entry for CVE-2024-51590].
There is no information on the severity of this vulnerability yet (CVSS score is not available).
Disclaimer: This information is for educational purposes only and should not be considered professional security advice.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help