CVE-2024-12302 Information

Description

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings which could allow authors and above to perform Stored Cross-Site Scripting attacks

Reference

https://wpscan.com/vulnerability/ed860dac-8c4a-482f-8826-31f1a894b6ce/