CVE-2024-10878
CVE-2024-10878 affects the WordPress plugin Sugar Calendar – Lite (Sugar Calendar) up to version 3.3.0 . The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper escaping in the URL through the use of add_query_arg and remove_query_arg . This allows unauthenticated attackers...