CVE-2024-37956 Information

Description

Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in VektorInc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.98.1.0.

Reference

https://patchstack.com/database/vulnerability/vk-all-in-one-expansion-unit/wordpress-vk-all-in-one-expansion-unit-plugin-9-97-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve