CVE-2024-9021

Name of the Vulnerable Software and Affected Versions: Relevanssi WordPress plugin versions prior to 4.23.1

Description: The issue allows for Stored XSS attacks by embedding malicious scripts, potentially leading to account takeover. This can be exploited by a remote attacker to perform cross-site scripting attacks. The vulnerability exists due to inadequate protection of the webpage structure.

Recommendations: For versions prior to 4.23.1, update to version 4.23.1 or later to resolve the issue. As a temporary workaround, consider restricting the ability of Contributor+ roles to embed scripts until the update is applied.