This vulnerability (CVE-2024-39665) in YMC Filter & Grids is classified as CWE-79, involving improper neutralization of input during web page generation, which leads to stored cross-site scripting (XSS). It affects versions through 2.9.2. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) indicates that the vulnerability can be exploited remotely over the network with low attack complexity, requires low privileges and user interaction, and impacts confidentiality, integrity, and availability to a limited extent with scope change. No official patch or remediation level has been provided by the vendor or authoritative sources.

Successful exploitation of this stored XSS vulnerability could allow an attacker to execute arbitrary scripts in the context of the affected web application, potentially leading to limited disclosure of information, modification of data, and partial disruption of service. The impact is rated medium based on the CVSS score of 6.5. There are no known active exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider applying input validation and output encoding controls where possible to mitigate stored XSS risks. Monitor vendor communications for updates on patches or official mitigations.