CVE-2024-5444

Name of the Vulnerable Software and Affected Versions: The Bible Text WordPress plugin versions 0.2 and earlier

Description: The issue is related to the lack of validation and escaping of some shortcode attributes in the plugin, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Recommendations: For versions 0.2 and earlier, update to a version that includes the necessary validation and escaping of shortcode attributes to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting the use of shortcodes to trusted users until a patch is available. Restrict access to the page/post where the shortcode is embedded to minimize the risk of exploitation.