WordPress eHive Objects Image Grid plugin <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin eHive Objects Image Grid versions = 2.4.1...

CVE-2024-13662

CVE-2024-13662 describes an authenticated Stored Cross-Site Scripting vulnerability in the WordPress plugin eHive Objects Image Grid (versions up to and including 2.4.1). The issue arises from insufficient input sanitization and output escaping in the shortcode ehive_objects_image_grid , allowing...