CVE-2024-13672
CVE-2024-13672 pertains to the WordPress plugin “Mini Course Generator” and enables Stored Cross-Site Scripting via the mcg shortcode on affected pages. The issue affects versions up to 1.0.5 and arises from insufficient input sanitization and output escaping for user-supplied attributes, enablin...