CVE-2024-13700
The CVE concerns the WordPress plugin Embed Swagger UI (WordPress) up to version 1.0.0, where a Stored Cross-Site Scripting flaw exists in the wpsgui shortcode due to insufficient input sanitization and output escaping. Exploitation requires authentication at contributor level or higher; an attac...