CVE-2024-9228
Mode C: Details available. The CVE concerns the WordPress plugin Loggedin – Limit Active Logins, affected all versions up to 1.3.1. The vulnerability is Reflected Cross-Site Scripting caused by insufficient escaping in add_query_arg, exploitable by unauthenticated attackers when the user is shown...