CourseVector Logo (white)

Hosting • Web • Marketing

Supreme Modules Lite <= 2.5.3 – 6.4 Vulnerability

Supreme Modules Lite <= 2.5.3 – 6.4 Vulnerability

At CourseVector, our managed hosting team is dedicated to monitoring and resolving issues to keep our clients’ websites running smoothly and securely. Recently, we addressed a security vulnerability (CVE-2024-4334) in the Supreme Modules Lite plugin for WordPress.

The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the ‘typing_cursor’ parameter in versions up to, and including, 2.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

By addressing such vulnerabilities, we safeguard our clients’ websites from potential threats. To ensure your site receives this level of vigilant protection, consider exploring our Managed WordPress hosting services.

Happy Holidays!

With the holiday season upon us our staff will be taking some time to relax and enjoy time with their families.

We may be a bit slower to respond during this period. If you haven’t gotten a response within 24 hours during our normal business hours, please use our support request form and indicate it is an emergency and someone will get back to you quickly.

 

Search

Sign Up for Our Newsletter

Thank you for your interest in our newsletter! Fill in the form below to receive periodic updates on internet and website security, free cybersecurity posters, WordPress news, and more!

"*" indicates required fields

Name*

Your privacy is important to us. We do not share your information with anyone. You can opt out of our newsletter at any time.

Stay up to date with technology, scams, WordPress, and more. Follow CourseVector on Facebook today!