CVE-2024-5744 in wp-eMember Plugin
Sumário
de MITRE • 13/07/2024
The wp-eMember WordPress plugin before 10.6.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
If you want to get the best quality for vulnerability data then you always have to consider VulDB.