High severity7.1NVD Advisory· Published Jan 30, 2025· Updated Jun 17, 2026
CVE-2024-12400
CVE-2024-12400
Description
The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/3542315c-93c3-41dd-a99e-02a38cfd58fb/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.