CVE-2024-2848

Name of the Vulnerable Software and Affected Versions The Responsive theme for WordPress versions up to, and including, 5.0.2

Description The issue allows unauthorized modification of data due to a missing capability check on the save footer text callback function. This makes it possible for unauthenticated attackers to inject arbitrary HTML content into the site's footer.

Recommendations For versions up to, and including, 5.0.2, update to a version higher than 5.0.2 to resolve the issue. As a temporary workaround, consider disabling the save footer text callback function until a patch is available. Restrict access to the footer modification feature to minimize the risk of exploitation.