CVE-2024-13388
CVE-2024-13388 (TCBD Tooltip, WordPress) In TCBD Tooltip, stored XSS via the tcbdtooltip_text shortcode affects all versions up to 1.0 due to insufficient input sanitization and output escaping. An attacker with contributor+ access can inject JavaScript that executes when users load an injected p...