CVE-2024-5327 is a DOM-based stored cross-site scripting vulnerability identified in the PowerPack Addons for Elementor plugin for WordPress, specifically affecting all versions up to and including 2.7.19. The vulnerability stems from insufficient sanitization and escaping of the 'pp_animated_gradient_bg_color' parameter, which is used during web page generation. Authenticated attackers with Contributor-level or higher privileges can exploit this flaw by injecting arbitrary JavaScript code into pages. Because the vulnerability is stored, the malicious script persists in the website's content and executes in the context of any user who views the infected page, potentially compromising user sessions, stealing cookies, or performing unauthorized actions. The CVSS 3.1 base score is 6.4, reflecting a medium severity level, with a vector indicating network attack vector, low attack complexity, low privileges required, no user interaction, and a scope change. The vulnerability affects the confidentiality and integrity of user data but does not impact availability. No patches are currently linked, and no known exploits have been reported in the wild. The vulnerability is classified under CWE-79, which covers improper neutralization of input leading to cross-site scripting. The flaw requires authenticated access, which somewhat limits the attack surface but remains a significant risk for websites that allow contributor-level users or higher to add or edit content.

The impact of CVE-2024-5327 is primarily on the confidentiality and integrity of websites using the affected plugin. Successful exploitation allows attackers to execute arbitrary scripts in the browsers of users visiting the compromised pages, leading to session hijacking, theft of sensitive information such as cookies or credentials, and potential privilege escalation within the website. This can result in unauthorized content modification, defacement, or further compromise of the website's backend if administrative users are targeted. Since the vulnerability requires authenticated access at the Contributor level or above, the risk is elevated in environments where multiple users have content editing privileges. The scope of affected systems includes any WordPress site using the PowerPack Addons for Elementor plugin up to version 2.7.19, which is widely used globally. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits following public disclosure. Organizations relying on this plugin face reputational damage, data breaches, and potential regulatory consequences if user data is compromised.

To mitigate CVE-2024-5327, organizations should immediately update the PowerPack Addons for Elementor plugin to a patched version once available. In the absence of an official patch, administrators should restrict Contributor-level and higher access to trusted users only and audit existing user privileges to minimize the attack surface. Implementing strict input validation and output encoding on the 'pp_animated_gradient_bg_color' parameter can reduce the risk of script injection. Web Application Firewalls (WAFs) with custom rules targeting suspicious script injection patterns related to this parameter may provide temporary protection. Regularly scanning the website for injected scripts and monitoring logs for unusual activity can help detect exploitation attempts. Additionally, educating content contributors about the risks of injecting untrusted content and enforcing security best practices in content management workflows will further reduce exposure. Finally, organizations should maintain up-to-date backups to enable recovery in case of compromise.