AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
The Pet Manager WordPress plugin through 1.4 does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks.
wpscan.com/vulnerability/2074d0f5-4165-4130-9391-37cb21e8aa1b/