Unrated severityNVD Advisory· Published Jan 6, 2025· Updated Jan 6, 2025
Icegram Engage < 3.1.32 - Author+ Stored XSS
CVE-2024-12302
Description
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.1.32
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ed860dac-8c4a-482f-8826-31f1a894b6ce/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.