CVE-2024-37308
The Cooked Pro (Cooked – Recipe Management) WordPress plugin is affected by CVE-2024-37308: an authenticated Persistent Cross‑Site Scripting (XSS) vulnerability in _recipe_settings[post_title] up to version 1.7.15.4. The root cause is insufficient input sanitization and output escaping, allowing ...