CVE-2024-4749 Information

Description

The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the ieldId\ parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting.

Reference

https://wpscan.com/vulnerability/6cc05a33-6592-4d35-8e66-9b6a9884df7e/