CVE-2024-7313 Information

Description

The Shield Security WordPress plugin before 20.0.6 does not sanitise and escape a parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

Reference

https://wpscan.com/vulnerability/83a1bdc6-098e-43d5-89e5-f4202ecd78a1/