PT-2024-37866 · WordPress · Wp Ulike

Stealthcopter · Published 2024-09-05 · Updated 2024-09-06 · CVE-2024-6792

CVSS v3.1: 3.5 (Low)

Vector: AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

WP ULike versions prior to 4.7.2.1

Description

The WP ULike WordPress plugin fails to properly sanitize user display names when rendering them on a public page. This could allow attackers to inject malicious scripts into that page.

Recommendations

For versions prior to 4.7.2.1, update to version 4.7.2.1 or later to resolve the issue. As a temporary workaround, consider restricting the display of user-generated content on public pages until the update is applied.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-6792

Affected Products

Wp Ulike