CVE-2024-13225
The CVE CVE-2024-13225 affects the ECT Home Page Products WordPress plugin (versions up to 1.9), where a parameter is not sanitized/escaped before being output, enabling a Reflected XSS against high-privilege users (e.g., admins). The CVSS 3.1 base score is 6.1 (UI: REQUIRED; AV:N/AC:L/PR:N/C:L/I...