CVE-2024-9704
CVE-2024-9704 refers to the WordPress Social Sharing (by Danny) plugin, vulnerable up to version 1.3.7. Root cause: insufficient input sanitization and output escaping on the dvk_social_sharing shortcode, enabling stored XSS. Impact: authenticated users with contributor-level access and above can...