Multiple SonicWall Products Vulnerabilities
December 9, 2024Multiple Microsoft Windows Vulnerabilities
December 9, 2024Multiple SonicWall Products Vulnerabilities
December 9, 2024Multiple Microsoft Windows Vulnerabilities
December 9, 2024Severity
High
Analysis Summary
CVE-2024-52470 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainvireinfo Dynamic URL SEO allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through 1.0.
CVE-2024-52471 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS.This issue affects Extensions for Elementor: from n/a through 2.0.37.
CVE-2024-52472 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Weather Atlas Weather Atlas Widget allows Reflected XSS.This issue affects Weather Atlas Widget: from n/a through 3.0.1.
CVE-2024-52473 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Lyrics Karaoke Player allows Reflected XSS.This issue affects HTML5 Lyrics Karaoke Player: from n/a through 2.4.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
- CVE-2024-52470
- CVE-2024-52471
- CVE-2024-52472
- CVE-2024-52473
Affected Vendors
Affected Products
- Brainvireinfo Dynamic URL SEO - n/a
- petesheppard84 Extensions for Elementor - n/a
- Weather Atlas Weather Atlas Widget - n/a
- Sandeep Verma HTML5 Lyrics Karaoke Player - n/a
Remediation
Upgrade to the latest version, available from the WordPress Plugin Directory.