CVE-2024-11636
CVE-2024-11636 affects the Email Subscribers by Icegram Express WordPress plugin prior to 5.7.45. The issue is that certain Text Block options are not properly sanitised/escaped, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisi...