WordPress Weather Widget Pro plugin <= 1.1.40 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Weather Widget Pro versions = 1.1.40...

WordPress Weather Widget Pro Plugin <= 1.1.40 is vulnerable to Cross Site Scripting (XSS)

Software Weather Widget Pro Type Plugin Vulnerable versions = 1.1.40 Fixed in 1.1.41 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35755 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5b92161cd34b Credits LVT-tholv2k Required privilege...