

Multiple SonicWall Products Vulnerabilities
December 9, 2024
Multiple Microsoft Windows Vulnerabilities
December 9, 2024
Multiple SonicWall Products Vulnerabilities
December 9, 2024
Multiple Microsoft Windows Vulnerabilities
December 9, 2024Severity
High
Analysis Summary
CVE-2024-52470 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainvireinfo Dynamic URL SEO allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through 1.0.
CVE-2024-52471 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS.This issue affects Extensions for Elementor: from n/a through 2.0.37.
CVE-2024-52472 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Weather Atlas Weather Atlas Widget allows Reflected XSS.This issue affects Weather Atlas Widget: from n/a through 3.0.1.
CVE-2024-52473 CVSS:7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Lyrics Karaoke Player allows Reflected XSS.This issue affects HTML5 Lyrics Karaoke Player: from n/a through 2.4.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
- CVE-2024-52470
- CVE-2024-52471
- CVE-2024-52472
- CVE-2024-52473
Affected Vendors
Affected Products
- Brainvireinfo Dynamic URL SEO - n/a
- petesheppard84 Extensions for Elementor - n/a
- Weather Atlas Weather Atlas Widget - n/a
- Sandeep Verma HTML5 Lyrics Karaoke Player - n/a
Remediation
Upgrade to the latest version, available from the WordPress Plugin Directory.