CVE-2024-10639
Summary. CVE-2024-10639 concerns the WordPress plugin Auto Prune Posts (pre-3.0.0). Multiple connected sources confirm the root cause: the plugin does not adequately sanitize and escape certain settings, enabling a Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is dis...