CVE-2024-54224

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions through 6.4.7

Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. This means that an attacker could potentially inject malicious scripts into the website, affecting the DOM (Document Object Model) directly.

Recommendations: For versions through 6.4.7, update to a version later than 6.4.7 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.