CVE-2024-27196

Name of the Vulnerable Software and Affected Versions postMash – custom post order versions 1.2.0 and earlier

Description The issue is a Cross Site Scripting (XSS) vulnerability, specifically a Reflected XSS, in the postMash – custom post order plugin. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized actions or data theft.

Recommendations For postMash – custom post order versions 1.2.0 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.