CVE-2024-54253

Name of the Vulnerable Software and Affected Versions: Xpro Elementor Addons versions 1.4.6.1 and earlier

Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting (XSS) vulnerability. This allows for the storage of malicious scripts that can be executed by other users, potentially leading to unauthorized actions on behalf of the user.

Recommendations: For versions 1.4.6.1 and earlier, update to a version later than 1.4.6.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive features of Xpro Elementor Addons until a patch is available.