CVE-2024-10179

CVE-2024-10179 (Slickstream: Engagement and Conversions) — The WordPress Slickstream plugin is vulnerable to Stored XSS via the slick-grid shortcode in versions up to 1.4.4 due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated ...