CVE-2024-6272
The CVE-2024-6272 entry concerns the WordPress SpiderContacts plugin (versions ≤ 1.1.7). The vulnerability arises because a request parameter is not sanitised/escaped before being reflected in the page, enabling a Reflected XSS that could affect high-privilege users such as admins. Exploitation d...