CVE-2024-54434
CVE-2024-54434 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin phZoom (Phoetry) that leads to Stored XSS. Affected: phZoom versions up to 1.2.92. Root cause: CSRF allowing stored XSS payloads, as stated in the description. Impact: Stored XSS risk in sites using...