The vulnerability CVE-2024-54247 in ABCBiz Addons and Templates for Elementor is a stored cross-site scripting issue caused by improper input neutralization during web page generation. It affects versions up to 2.0.2 and allows an attacker with low privileges to inject malicious scripts that execute when a user interacts with the affected content. The CVSS 3.1 score is 6.5, reflecting network attack vector, low attack complexity, required privileges, user interaction, and impacts on confidentiality, integrity, and availability. No patch or official remediation has been disclosed by the vendor as of the publication date.

Successful exploitation could allow an attacker to execute arbitrary scripts in the context of the affected web application, potentially leading to data disclosure, modification, or disruption of service. The vulnerability requires user interaction and low privileges, which limits but does not eliminate risk. There are no reports of active exploitation in the wild currently.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, consider restricting user input that can be rendered in web pages or applying web application firewall rules to detect and block XSS payloads relevant to this plugin. Monitor vendor channels for updates and apply patches promptly once released.