WP Finance Plugin <= 1.3.6 - Cross-Site Scripting

WP Finance WordPress plugin = 1.3.6 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before output, letting attackers execute scripts in high privilege users' browsers, exploit requires victim to click a malicious link. id: CVE-2024-13097 info:...

WordPress plugin WP Finance 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...