CVE-2024-13633
CVE-2024-13633 concerns the WordPress plugin Simple Catalogue (versions up to 1.0.2). The issue is a Reflected XSS caused by the plugin not sanitising or escaping a parameter before outputting it on the page, which could enable an attacker to leverage admin or high-privilege sessions. The connect...