CVE-2024-10177

CVE-2024-10177 affects Beds24 Online Booking plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the beds24-link shortcode, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication at contributor...