CVE-2024-30547
Unknown Unknown - Not Provided
DOM-Based XSS in Shazdeh Header Image Slider Allows Code Injection

Publication date: 2026-01-06

Last updated on: 2026-01-06

Assigner: Patchstack

Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Shazdeh Header Image Slider header-image-slider allows DOM-Based XSS.This issue affects Header Image Slider: from n/a through 0.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-06
Last Modified
2026-01-06
Generated
2026-05-07
AI Q&A
2026-01-06
EPSS Evaluated
2026-05-05
NVD
CVE-2024-30547
EUVD
EUVD-2024-28467
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
shazdeh header_image_slider to 0.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2024-30547 is a Cross Site Scripting (XSS) vulnerability in the WordPress Header Image Slider Plugin (versions up to 0.3). It allows attackers to inject malicious scripts, such as redirects or advertisements, into a website. These scripts execute when visitors access the compromised site, potentially leading to unauthorized actions or data exposure. The vulnerability is DOM-Based XSS and classified under OWASP Top 10 A3: Injection. [1]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing attackers to execute malicious scripts on your website, which can lead to unauthorized redirects, display of unwanted advertisements, theft of user data, or other malicious activities. It requires user interaction but no authentication, meaning any visitor clicking a crafted link or visiting a malicious page could trigger the attack. This can damage your website's integrity, user trust, and potentially lead to further security breaches. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate steps include applying the mitigation rule issued by Patchstack to block attacks targeting this vulnerability until an official patch is released. Additionally, using automated vulnerability mitigation services provided by Patchstack can help protect affected websites running the Header Image Slider plugin version 0.3 or earlier. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart