CVE-2024-30555

Name of the Vulnerable Software and Affected Versions Ultimate Social Comments – Email Notification & Lazy Load versions 1.4.8 and earlier

Description The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting (XSS) vulnerability, specifically a Stored XSS. This allows for malicious scripts to be stored on the server and executed when a user accesses the affected page.

Recommendations For Ultimate Social Comments – Email Notification & Lazy Load versions 1.4.8 and earlier, update to a version later than 1.4.8 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.