CVE-2024-12508
CVE-2024-12508 concerns the WordPress plugin Glofox Shortcodes. The vulnerability is a Stored XSS in the plugin’s shortcodes glofox and glofox_lead_capture (up to and including version 2.6). The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, ena...