CVE-2024-13056

Name of the Vulnerable Software and Affected Versions Dyn Business Panel WordPress plugin version 1.0.0

Description The issue arises from the plugin not sanitizing and escaping a parameter before outputting it back in the page. This leads to a Reflected Cross-Site Scripting that could be used against high privilege users, such as administrators.

Recommendations For version 1.0.0, consider disabling the plugin until a patch is available to prevent potential exploitation. Restrict access to the plugin's functionality to minimize the risk of Reflected Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this issue.