CVE-2024-6708

CVE-2024-6708 affects the WordPress plugin User Profile Builder , with versions prior to 3.12.2. The root cause is insufficient sanitisation/escaping of parameters in content output in the admin area, enabling Admin+ users to perform Cross-Site Scripting (XSS). The known impact is stored XSS in a...