CVE-2024-3732

The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gdsingletabs' shortcode in all versions up to, and including, 2.3.48 due to insufficient input sanitization and output escaping on us...

PT-2024-27475 · WordPress · Geodirectory

Name of the Vulnerable Software and Affected Versions: The GeoDirectory – WordPress Business Directory Plugin versions up to, and including, 2.3.48 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gd single tabs' shortcode due to insufficient input sanitization a...