CVE-2024-12724

WP DeskLite WordPress plugin up to version 1.0.0 is affected by a reflected XSS due to unsanitized/unescaped parameters echoed back in pages. This can enable script execution in admin users’ browsers when a crafted request is sent. Affected: WP DeskLite 1.0.0 and earlier. Root cause: parameter ou...