CVE-2024-2423 | UsersWP Plugin up to 1.2.6 on WordPress Shortcode cross site scripting

Posted by Angelo Barbosa | Mar 14, 2024 | CVE

A vulnerability was found in UsersWP Plugin up to 1.2.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2024-2423. The attack may be launched remotely. There is no exploit available.

CVE-2024-2423 | UsersWP Plugin up to 1.2.6 on WordPress Shortcode cross site scripting

Related Posts

CVE-2024-27873 | Apple iOS/iPadOS Video out-of-bounds write

CVE-2020-36772 | CloudLinux CageFS up to 7.0.8-2 Sendmail Proxy Command file inclusion

CVE-2024-41940 | Siemens SINEC NMS up to 2.x os command injection (ssa-784301)

CVE-2024-29888 | Saleor up to 3.19.14 Pickup unknown vulnerability (GHSA-mrj3-f2h4-7w45)