CVE-2024-45454
WordPress Unlimited Elements for Elementor plugin <= 1.5.121 - Reflected Cross Site Scripting (XSS) vulnerabilityImproper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.121.
We have discovered 11,708 live websites that are affected by CVE-2024-45454.
Affected Software
| Product |  Unlimited Elements For Elementor |
| Category | Wordpress Plugins |
| Vulnerable Domains | 11,708 live websites (43.81% of Unlimited Elements For Elementor install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 144 versions ( 88.34% of all versions) |
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')Details
- Published - Oct 6, 2024
- Updated - Oct 7, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2024-45454 usage by Country
 United States | 4,427 websites |
 Germany | 1,313 websites |
 Cyprus | 670 websites |
 France | 557 websites |
 GB | 375 websites |
 Russia | 342 websites |
 Brazil | 255 websites |
 Italy | 219 websites |
 Poland | 216 websites |
 Spain | 191 websites |
CVE-2024-45454 usage by TLD
| .com | 5,329 websites |
| .de | 465 websites |
| .org | 455 websites |
| .com.br | 407 websites |
| .ru | 295 websites |
| .it | 230 websites |
| .co.uk | 230 websites |
| .net | 217 websites |
| .com.au | 196 websites |
| .fr | 186 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-45454
Top websites that are affected by CVE-2024-45454. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***.cz |  Czech Republic | *,*** | |
| *********.me | United States | *,*** | |
| ********.com | United States | **,*** | |
| ****.com | Germany | **,*** | |
| ***.de | Germany | **,*** | |
| ******.com | United States | **,*** | |
| **************.de | Germany | **,*** | |
| ************.com | United States | **,*** | |
| ***********.com | United States | **,*** | |
| ****.org |  Switzerland | **,*** |
FAQ
CVE-2024-45454 is Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Unlimited Elements For Elementor
A total of 11,708 websites have been identified as vulnerable to CVE-2024-45454, discovered through global website indexing conducted by WebTechSurvey.
Unlimited Elements For Elementor is susceptible to CVE-2024-45454 vulnerability.
Unlimited Elements For Elementor versions before, and including, 1.5.121 are vulnerable to CVE-2024-45454.