6.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks
1. Create a new slider and inset: (1212"onmouseover='alert(1)') to "URL View" field.
research.cleantalk.org/cve-2024-4372/