CVE-2024-4490

🗓️ 10 May 2024 11:03:00Reported by WordfenceType

The Elegant Themes WordPress plugins are vulnerable to DOM-Based Stored Cross-Site Scriptin

Reporter	Title	Published	Views	Family All 15
CNNVD	WordPress Themes 安全漏洞	14 May 202400:00	–	cnnvd
Cvelist	CVE-2024-4490 Elegant Themes Divi Theme, Extra Theme, Divi Page Builder <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting	10 May 202411:03	–	cvelist
EUVD	EUVD-2024-44104	3 Oct 202520:07	–	euvd
NVD	CVE-2024-4490	14 May 202415:43	–	nvd
Patchstack	WordPress Extra Theme <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)	10 May 202400:00	–	patchstack
Patchstack	WordPress Divi theme <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability	10 May 202402:15	–	patchstack
Patchstack	WordPress Divi Theme <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)	10 May 202400:00	–	patchstack
Patchstack	WordPress Divi Builder Plugin <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)	10 May 202400:00	–	patchstack
Patchstack	WordPress Extra theme <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability	10 May 202402:17	–	patchstack
Patchstack	WordPress Divi Builder plugin <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability	10 May 202402:16	–	patchstack

Vulners

Node

elegant_themes divi_builderRange≤4.25.0wordpress

elegant_themes diviRange≤4.25.0wordpress

elegant_themes divi_extraRange≤4.25.0wordpress

[
  {
    "vendor": "Elegant Themes",
    "product": "Divi Builder",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.25.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Elegant Themes",
    "product": "Divi",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.25.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Elegant Themes",
    "product": "Divi Extra",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.25.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
elegantthemes	www.elegantthemes.com/api/changelog/divi.txt
elegantthemes	www.elegantthemes.com/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/efac70f6-d959-41f7-bdef-d554f1c9133e

15 Apr 2026 00:35Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.4

EPSS0.00239

SSVC

CWE-79