CVE-2024-2744

{"id": "CVE-2024-2744", "metrics": {}, "published": "2024-05-17T06:15:51.583", "references": [{"url": "https://wpscan.com/vulnerability/a5579c15-50ba-4618-95e4-04b2033d721f/", "source": "contact@wpscan.com"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "The NextGEN Gallery WordPress plugin before 3.59.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"}], "lastModified": "2024-05-17T18:36:05.263", "sourceIdentifier": "contact@wpscan.com"}