A vulnerability was found in lucasstad Lucas String Replace Plugin up to 2.0.5 on WordPress. It has been classified as problematic. This affects the function
add_query_arg
. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-8734. It is possible to initiate the attack remotely. There is no exploit available.