Cross-site Scripting (XSS) Vulnerability in WPCoder WP Coder
CVE-2024-2578
4.8MEDIUM
What is CVE-2024-2578?
A Cross-Site Scripting (XSS) vulnerability exists in the WP Coder plugin, enabling attackers to execute malicious scripts in the context of a user's session. This vulnerability allows stored XSS attacks, which can result in unauthorized actions performed on behalf of users, exposure of sensitive information, and potential takeover of user accounts. The issue affects WP Coder in versions ranging from n/a to 3.5, necessitating prompt attention and remediation by website administrators utilizing this plugin.
Affected Version(s)
WP Coder <= 3.5