Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-5647

🗓️ 03 Jul 2025 09:22:19Reported by WordfenceType 
cve
 cve🔗 web.nvd.nist.gov👁 39 Views

Multiple WordPress plugins are vulnerable to Stored Cross-Site Scripting via Magnific Popups library.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2024-5647
3 Jul 202510:15
attackerkb
CNNVD		WordPress多款产品 跨站脚本漏洞
3 Jul 202500:00
cnnvd
Cvelist		CVE-2024-5647 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library
3 Jul 202509:22
cvelist
EUVD		EUVD-2024-54725
3 Oct 202520:07
euvd
NVD		CVE-2024-5647
3 Jul 202510:15
nvd
Patchstack		WordPress DiviTorque plugin <= 4.0.5 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
31 Dec 202500:00
patchstack
Patchstack		WordPress Carousel Slider plugin <= 2.2.14 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
31 Dec 202500:00
patchstack
Patchstack		WordPress Happy Addons for Elementor plugin <= 3.12.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
31 Dec 202500:00
patchstack
Patchstack		WordPress Robo Gallery plugin <= 3.2.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
31 Dec 202500:00
patchstack
Patchstack		WordPress Gutentor plugin <= 3.4.9 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
31 Dec 202500:00
patchstack
Rows per page
Vulners
Node
blossomthemesblossomthemes_social_feedRange2.0.5wordpress
OR
sayfulcarousel_sliderRange2.2.14wordpress
OR
divisupremesupreme_modules_lite_divi_theme,_extra_theme_and_divi_builderRange2.5.52wordpress
OR
robosoftrobo_gallery_photo_&_image_sliderRange3.2.22wordpress
OR
gutentorgutentor_gutenberg_blocks_page_builder_for_gutenberg_editorRange3.4.9wordpress
OR
oceanwpoceanwpRange3.6.0wordpress
OR
thehappymonsterhappy_addons_for_elementorRange3.12.2wordpress
OR
badhonrocksdivi_torque_lite_divi_theme,_divi_builder_&_extra_themeRange4.0.5wordpress
OR
elegant_themesdivi_builderRange4.27.1wordpress
OR
elegant_themesdiviRange4.27.1wordpress
OR
elegant_themesdivi_extraRange4.27.1wordpress
OR
boldthemesbold_page_builderRange5.1.2wordpress
OR
wpdevteamessential_addons_for_elementor_popular_elementor_templates_&_widgetsRange6.0.4wordpress
OR
gn_themeswp_shortcodes_plugin_shortcodes_ultimateRange7.4.2wordpress
[
  {
    "vendor": "blossomthemes",
    "product": "BlossomThemes Social Feed",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "2.0.5",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "sayful",
    "product": "Carousel Slider",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "2.2.14",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "divisupreme",
    "product": "Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "2.5.52",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "robosoft",
    "product": "Robo Gallery – Photo & Image Slider",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.2.22",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "gutentor",
    "product": "Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.4.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "oceanwp",
    "product": "OceanWP",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.6.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "thehappymonster",
    "product": "Happy Addons for Elementor",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.12.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "badhonrocks",
    "product": "Divi Torque Lite – Divi Theme, Divi Builder & Extra Theme",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.0.5",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Elegant Themes",
    "product": "Divi Builder",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.27.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Elegant Themes",
    "product": "Divi",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.27.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Elegant Themes",
    "product": "Divi Extra",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.27.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "boldthemes",
    "product": "Bold Page Builder",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "5.1.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "wpdevteam",
    "product": "Essential Addons for Elementor – Popular Elementor Templates & Widgets",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "6.0.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "gn_themes",
    "product": "WP Shortcodes Plugin — Shortcodes Ultimate",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "7.4.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
SourceLink
githubwww.github.com/dimsemenov/Magnific-Popup/releases/tag/1.2.0
pluginswww.plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/assets/front-end/js/lib-view/magnific-popup/jquery.magnific-popup.js
elegantthemeswww.elegantthemes.com/api/changelog/divi.txt
themeswww.themes.trac.wordpress.org/changeset/244604/oceanwp
pluginswww.plugins.trac.wordpress.org/changeset/3154460/happy-elementor-addons
pluginswww.plugins.trac.wordpress.org/changeset/3166204/carousel-slider
pluginswww.plugins.trac.wordpress.org/browser/robo-gallery/trunk/js/robo_gallery.js
wordfencewww.wordfence.com/threat-intel/vulnerabilities/id/dae80fc2-3076-4a32-876d-5df1c62de9bd
pluginswww.plugins.trac.wordpress.org/changeset/3184626/addons-for-divi
pluginswww.plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/vendor/magnific-popup/magnific-popup.js
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 08:16Current
5.7Medium risk
Vulners AI Score5.7
CVSS 3.16.4
EPSS0.00292
SSVC
CWE-79
cve-2024-5647wordpress pluginsstored cross-site scriptingmagnific popupsauthenticated attackers
39