CVE-2024-47332 identifies a stored cross-site scripting (XSS) vulnerability in the wowDevs Sky Addons for Elementor plugin, specifically affecting versions up to and including 2.5.11. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, which allows malicious scripts to be injected and stored within the website's content. When other users or administrators access the affected pages, the malicious script executes in their browsers under the context of the vulnerable site. This can lead to theft of cookies, session tokens, or other sensitive information, as well as unauthorized actions performed on behalf of the victim user. The vulnerability does not require authentication, meaning any unauthenticated attacker can exploit it by submitting crafted input. The stored nature of the XSS increases its impact compared to reflected XSS, as the malicious payload persists and affects multiple users. The plugin is widely used in WordPress environments that utilize Elementor for page building, making the attack surface significant. No official patches or exploit code are currently publicly available, but the vulnerability has been published and should be addressed promptly. The lack of a CVSS score necessitates an expert severity assessment based on the characteristics of the vulnerability.

The impact of CVE-2024-47332 is substantial for organizations using the wowDevs Sky Addons for Elementor plugin. Successful exploitation can compromise the confidentiality and integrity of user data by enabling attackers to hijack user sessions, steal credentials, or perform unauthorized actions within the context of the affected website. This can lead to account takeover, defacement, or distribution of malware to site visitors, damaging organizational reputation and trust. Since the vulnerability is stored XSS and does not require authentication, it can be exploited at scale by attackers targeting multiple sites. Organizations with high-traffic websites or those handling sensitive user information are particularly at risk. Additionally, the exploitation could facilitate further attacks such as phishing or lateral movement within the victim’s network if administrative users are targeted. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, as attackers may develop exploits following public disclosure.

To mitigate CVE-2024-47332, organizations should immediately update the wowDevs Sky Addons for Elementor plugin to a patched version once available. Until a patch is released, administrators should consider disabling or removing the vulnerable plugin to eliminate the attack vector. Implementing a Web Application Firewall (WAF) with rules to detect and block common XSS payloads can provide temporary protection. Additionally, input validation and output encoding should be enforced at the application level to neutralize malicious input. Site administrators should audit content submitted through the plugin for suspicious scripts or HTML. Enabling Content Security Policy (CSP) headers can help restrict the execution of unauthorized scripts in browsers. Regular security scanning and monitoring for unusual activity or injected scripts are recommended. Educating users and administrators about the risks of XSS and safe content management practices can further reduce exposure.