WP Google Review Slider, CVE-2024-2310

CVE, Research URL: CVE-2024-2310
Home page URL: Security reports for WP Google Review Slider
Application: WP Google Review Slider
Published on: Apr 26, 2024
Research Description: The WP Google Review Slider WordPress plugin before 13.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max 13.6.
Status: vulnerable