CVE-2024-5553
Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingThe Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses and edits an injected element, and subsequently clicks the element with the mouse scroll wheel.
We have discovered 30,387 live websites that are affected by CVE-2024-5553.
Affected Software
| Product |  Premium Addons for Elementor |
| Category | Wordpress Plugins |
| Vulnerable Domains | 30,387 live websites (25.82% of Premium Addons for Elementor install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 380 versions ( 87.56% of all versions) |
Details
- Published - Jun 12, 2024
- Updated - Aug 1, 2024
Credits
- wesley (finder)
CVE References
CVE-2024-5553 usage by Country
 United States | 9,511 websites |
 Germany | 3,737 websites |
 France | 1,989 websites |
 Cyprus | 1,180 websites |
 Russia | 1,070 websites |
 GB | 1,063 websites |
 Brazil | 1,051 websites |
 Poland | 1,016 websites |
 Spain | 780 websites |
 Italy | 663 websites |
CVE-2024-5553 usage by TLD
| .com | 12,419 websites |
| .com.br | 1,552 websites |
| .de | 1,355 websites |
| .org | 1,106 websites |
| .ru | 832 websites |
| .pl | 814 websites |
| .co.uk | 718 websites |
| .fr | 710 websites |
| .it | 585 websites |
| .nl | 559 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-5553
Top websites that are affected by CVE-2024-5553. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***********.com | United States | *,*** | |
| *********.com | United States | **,*** | |
| *******************.es | Spain | **,*** | |
| ***********.com | United States | **,*** | |
| ********.es | United States | **,*** | |
| *******.org | United States | **,*** | |
| *********.com |  United Arab Emirates | **,*** | |
| **************.com | United States | **,*** | |
| ********.**.il |  Israel | **,*** | |
| *********.**.th | United States | **,*** |
FAQ
A total of 30,387 websites have been identified as vulnerable to CVE-2024-5553, discovered through global website indexing conducted by WebTechSurvey.
Premium Addons for Elementor is susceptible to CVE-2024-5553 vulnerability.
Premium Addons for Elementor versions before, and including, 4.10.33 are vulnerable to CVE-2024-5553.