CVE-2024-3956
CVE-2024-3956 (Pods – Custom Content Types and Fields, WordPress) is a stored XSS in the Pod Form Redirect URL triggered by authenticated users with contributor-level access or higher, affecting all versions up to 3.2.1. Root cause: insufficient input sanitization and output escaping on user-supp...