CVE-2024-13632
CVE-2024-13632 affects the WP Extra Fields WordPress plugin (≤1.0.1). The vulnerability is a Reflected Cross‑Site Scripting caused by insufficient sanitisation/escaping of a parameter before output, potentially affecting high-privilege users (e.g., admin). The CVSSv3.1 base score is 7.1 (HIGH) wi...