CVE-2024-1234
published 2024-03-13CVE-2024-1234: The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via data attribute in all versions up to, and including…
PriorityP430medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EXPLOIT
EPSS
1.59%
72.7th percentile
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via data attribute in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| exclusiveaddons | exclusive_addons_for_elementor | < 2.6.9.1 | 2.6.9.1 |
| timstrifler | exclusive_addons_for_elementor | <= 2.6.9 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)
exploitdb·2025-04-05·CVSS 6.4
CVE-2024-1234 [MEDIUM] Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)
Exclusive Addons for Elementor 2.6.9 - Stored Cross-Site Scripting (XSS)
---
# Exploit Title: Exclusive Addons for Elementor ≤ 2.6.9 - Authenticated Stored Cross-Site Scripting (XSS)
# Original Author: Wordfence Security Team
# Exploit Author: Al Baradi Joy
# Exploit Date: March 13, 2024
# Vendor Homepage: https://exclusiveaddons.com/
# Software Link: https://wordpress.org/plugins/exclusive-addons-for-elementor/
# Version: Up to and including 2.6.9
# Tested Versions: 2.6.9
# CVE ID: CVE-2024-1234
# Vulnerability Type: Stored Cross-Site Scripting (XSS)
# Description:
The Exclusive Addons for Exclusive Addons for Elementor for WordPress, in versions up to
and including 2.6.9, is vulnerable to stored cross-site scripting (XSS) via
the 's' parameter. Due to improper input sanitization and ou
Exploit-DB
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
exploitdb·2024-04-02·CVSS 7.8
CVE-2024-21338 [HIGH] Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
---
#############################################
# Exploit Title : Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation
# Exploit Author: E1 Coders
# CVE: CVE-2024-21338
#############################################
require 'msf/core'
class MetasploitModule 'CVE-2024-21338 Exploit',
'Description' => 'This module exploits a vulnerability in FooBar version 1.0. It may lead to remote code execution.',
'Author' => 'You',
'License' => MSF_LICENSE,
'References' => [
['CVE', '2024-21338']
]
)
)
register_options(
[
OptString.new('RHOST', [true, 'The target address', '127.0.0.1']),
OptPort.new('RPORT', [true, 'The target port', 1234])
]
)
end
def check
connect
begin
impacket_artifact(dcerpc_binding('ncacn_ip_tcp'),
Bleepingcomputer
From Cipher to Fear: The psychology behind modern ransomware extortion
blogs_bleepingcomputer·2026-01-27
From Cipher to Fear: The psychology behind modern ransomware extortion
## From Cipher to Fear: The psychology behind modern ransomware extortion
## Flare
For years, security teams treated ransomware as a technological problem. Security teams hardened backup systems, deployed endpoint detection, practiced incident response playbooks built around data recovery, and employed attack surface management to prevent initial access.
But in 2025, that playbook is dangerously outdated. Today's ransomware operations have evolved beyond file encryption into something far more difficult to defend against, systematized extortion campaigns that weaponize stolen data, legal liability, and psychological pressure at industrial scale.
The known solution—restore from backup—no longer addresses the threat. Now, organizations need to respond to data exposure, legal liability, a
Wiz
What is a Vulnerability Scanning Report? Definition and Tips | Wiz
blogs_wiz·2025-12-05
What is a Vulnerability Scanning Report? Definition and Tips | Wiz
## What is a vulnerability scanning report?
A vulnerability scanning report is a structured summary of everything a vulnerability scanner found in your environment. This means it tells you what is vulnerable, how bad it is, and what you should do next.
You can think of it as the "lab results" for your security scan. The scanner does the technical work in the background; the report is what you actually read and act on.
Most reports follow a similar pattern:
- Summary: high‑level view of risk and key numbers
- Details: list of vulnerabilities on specific assets
- Guidance: clear steps to fix or reduce the risk
If your team runs vulnerability scanning but never turns the results into a report, you are missing the main value of the process.
###### AWS Vulnerability Management Best Practi
Wiz
What is a Vulnerability Scanning Report? Definition and Tips | Wiz
blogs_wiz·2025-12-05
What is a Vulnerability Scanning Report? Definition and Tips | Wiz
## What is a vulnerability scanning report?
A vulnerability scanning report is a structured summary of everything a vulnerability scanner found in your environment. This means it tells you what is vulnerable, how bad it is, and what you should do next.
You can think of it as the "lab results" for your security scan. The scanner does the technical work in the background; the report is what you actually read and act on.
Most reports follow a similar pattern:
Summary: high‑level view of risk and key numbers
Details: list of vulnerabilities on specific assets
Guidance: clear steps to fix or reduce the risk
If your team runs vulnerability scanning but never turns the results into a report, you are missing the main value of the process.
## AWS Vulnerability Management Best Practices
Thi
Wiz
What Is Enrichment In Threat Intelligence? | Wiz
blogs_wiz·2025-10-27
What Is Enrichment In Threat Intelligence? | Wiz
## What is enrichment in threat intelligence?
Enrichment in threat intelligence is the process of adding context, metadata, and relationships to raw security data to make it actionable. This means taking isolated data points like IP addresses, domain names, or file hashes and layering them with meaningful information about their origin, behavior, and potential threat level.
Think of it like this: a raw IP address tells you almost nothing. But when you enrich that IP address with its geolocation, reputation score, associated malicious campaigns, and historical activity, you suddenly have a complete picture that helps you decide if it's a real threat or just background noise.
The difference between raw threat data and enriched intelligence is like the difference between seeing a license p
Wiz
What Is Enrichment In Threat Intelligence? | Wiz
blogs_wiz·2025-10-27
What Is Enrichment In Threat Intelligence? | Wiz
## What is enrichment in threat intelligence?
Enrichment in threat intelligence is the process of adding context, metadata, and relationships to raw security data to make it actionable. This means taking isolated data points like IP addresses, domain names, or file hashes and layering them with meaningful information about their origin, behavior, and potential threat level.
Think of it like this: a raw IP address tells you almost nothing. But when you enrich that IP address with its geolocation, reputation score, associated malicious campaigns, and historical activity, you suddenly have a complete picture that helps you decide if it's a real threat or just background noise.
The difference between raw threat data and enriched intelligence is like the difference between seeing a license p
Bleepingcomputer
Zyxel won’t patch newly exploited flaws in end-of-life routers
blogs_bleepingcomputer·2025-02-04·CVSS 8.8
CVE-2024-40891 [HIGH] Zyxel won’t patch newly exploited flaws in end-of-life routers
## Zyxel won’t patch newly exploited flaws in end-of-life routers
## Bill Toulas
In a new post today, VulnCheck presented the full details of the two flaws it observed in attacks aimed at gaining initial access to networks:
CVE-2024-40891 – Authenticated users can exploit Telnet command injection due to improper command validation in libcms_cli.so. Certain commands (e.g., ifconfig, ping, tftp) are passed unchecked to a shell execution function, allowing arbitrary code execution using shell metacharacters.
CVE-2025-0890 – Devices use weak default credentials (admin:1234, zyuser:1234, supervisor:zyad1234), which many users don't change. The supervisor account has hidden privileges, granting full system access, while zyuser can exploit CVE-2024-40891 for remote code execution.
VulnCheck
Bugzilla
CVE-2024-10295 Gateway: APICast Basic Auth Bypass via Malformed Base64 HeadersSending non-base64 'basic' auth with special characters causes APICast to incorrectly authenticate a request
bugzilla·2024-10-23·CVSS 7.5
CVE-2024-10295 [HIGH] CVE-2024-10295 Gateway: APICast Basic Auth Bypass via Malformed Base64 HeadersSending non-base64 'basic' auth with special characters causes APICast to incorrectly authenticate a request
CVE-2024-10295 Gateway: APICast Basic Auth Bypass via Malformed Base64 HeadersSending non-base64 'basic' auth with special characters causes APICast to incorrectly authenticate a request
When a request contains an invalid base64-encoded header (e.g., Authorization: Basic 1234?), APICast does not properly handle the decoding failure. Instead, it skips the remaining authentication steps and processes the request, allowing unauthorized access to the backend service. This can lead to potential security risks as unverified requests are processed by the backend.
Bugzilla
CVE-2023-3966 openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
bugzilla·2023-03-15·CVSS 7.5
CVE-2023-3966 [HIGH] CVE-2023-3966 openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
CVE-2023-3966 openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
ovs-vswitch fails to recover after malformed geneve metadata packet
Discussion:
Created openvswitch tracking bugs for this issue:
Affects: fedora-all [bug 2264263]
---
This issue has been addressed in the following products:
Fast Datapath for Red Hat Enterprise Linux 8
Via RHSA-2024:1234 https://access.redhat.com/errata/RHSA-2024:1234
---
This issue has been addressed in the following products:
Fast Datapath for Red Hat Enterprise Linux 8
Via RHSA-2024:1235 https://access.redhat.com/errata/RHSA-2024:1235
---
This issue has been addressed in the following products:
Fast Datapath for Red Hat Enterprise Linux 9
Via RHSA-2024:1227 https://access.redhat.com/errata/RHSA-2024:1227
https://plugins.trac.wordpress.org/changeset/3042217/exclusive-addons-for-elementorhttps://www.wordfence.com/threat-intel/vulnerabilities/id/1b87fe3d-a88d-477a-8d91-4d7c2dba4a43?source=cvehttps://plugins.trac.wordpress.org/changeset/3042217/exclusive-addons-for-elementorhttps://www.wordfence.com/threat-intel/vulnerabilities/id/1b87fe3d-a88d-477a-8d91-4d7c2dba4a43?source=cve
2024-03-13
Published