CVE-2024-54211
WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerabilityImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visualmodo Borderless borderless allows Cross-Site Scripting (XSS).This issue affects Borderless: from n/a through <= 1.5.8.
We have discovered 197 live websites that are affected by CVE-2024-54211.
Affected Software
| Product |  Borderless |
| Category | Wordpress Plugins |
| Vulnerable Domains | 197 live websites (20% of Borderless install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 22 versions ( 69% of all versions) |
Details
- Published - Dec 6, 2024
- Updated - Apr 1, 2026
Credits
- 4rCanJ0x! | Patchstack Bug Bounty Program (finder)
CVE References
Website Distribution by Country
Number of websites using CVE-2024-54211 United States | 52 websites |
 Switzerland | 20 websites |
 GB | 14 websites |
 France | 12 websites |
 Germany | 9 websites |
 Netherlands | 9 websites |
 Indonesia | 5 websites |
 Austria | 5 websites |
 Brazil | 5 websites |
 South Africa | 5 websites |
Website Distribution by TLD
Number of websites using CVE-2024-54211| .com | 65 websites |
| .ch | 19 websites |
| .org | 16 websites |
| .co.uk | 10 websites |
| .nl | 7 websites |
| .com.br | 6 websites |
| .it | 6 websites |
| .fr | 6 websites |
| .at | 4 websites |
| .com.au | 4 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-54211
Top websites that are affected by CVE-2024-54211. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***************.fr | France | *,***,*** | |
| **********.com | United States | *,***,*** | |
| ********.******.org | United States | *,***,*** | |
| ****.ad | France | *,***,*** | |
| ****.***.au | United States | *,***,*** | |
| ********.nl | Netherlands | *,***,*** | |
| **************.org | United States | *,***,*** | |
| *****************.com | United States | *,***,*** | |
| *********.**.uk | GB | *,***,*** | |
| *******************************.com | United States | *,***,*** |
FAQ
A total of 197 websites have been identified as vulnerable to CVE-2024-54211, based on global website indexing conducted by WebTechSurvey.
The Borderless is affected by the CVE-2024-54211 vulnerability.
Borderless versions up to and including 1.5.8 are vulnerable to CVE-2024-54211.