PT-2024-37322 · WordPress · Music Request Manager

Bob Matyas · Published 2024-09-11 · Updated 2024-09-13 · CVE-2024-6019

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Music Request Manager WordPress plugin versions 1.3 and earlier

Description: The issue allows unauthenticated users to perform Cross-Site Scripting attacks against administrators due to the plugin's failure to sanitise and escape incoming music requests. This could potentially lead to malicious actions being executed on the administrator's account.

Recommendations: For Music Request Manager WordPress plugin versions 1.3 and earlier, update to a version that properly sanitises and escapes incoming music requests to prevent Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-6019

Affected Products

Music Request Manager