CVE-2023-4476
The CVE-2023-4476 entry concerns the Locatoraid Store Locator WordPress plugin, affected version prior to 3.9.24. The vulnerability is a Reflected Cross-Site Scripting caused by improper sanitisation/escaping of the lpr-search parameter when it is output back to the page. This could allow an atta...