CVE-2024-11924
CVE-2024-11924 corresponds to Icegram Express (formerly Email Subscribers) WordPress plugin prior to 5.7.52. The issue is Stored XSS arising from insufficient sanitisation/escaping of plugin settings, enabling high-privilege users (e.g., admins) to inject scripts even when unfiltered_html is disa...