CVE-2024-56208

Published Feb 20, 2026

Last updated 2 months ago

CVSS medium 6.5

Overview

AI description

Automated description summarized from trusted sources.

CVE-2024-56208 describes a Stored Cross-site Scripting (XSS) vulnerability found in desertthemes NewsMash. This flaw is categorized as an Improper Neutralization of Input During Web Page Generation. The vulnerability affects versions of NewsMash up to and including 1.0.71.

Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affects NewsMash: from n/a through <= 1.0.71.
Source
audit@patchstack.com
NVD status
Deferred

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.5
Impact score
3.7
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Severity
MEDIUM

Weaknesses

audit@patchstack.com
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2024-56208 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affe… https://t.co/UBlXjuGYor

    @CVEnew

    22 Feb 2026

    1101 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.