#CVE-2024-11046

WordPress Sites Targeted via Kirki and Burst Statistics Vulnerabilities

Attackers are exploiting unauthenticated stored XSS in Kirki and Burst Statistics plugins to achieve privilege escalation and website takeover.