CVE-2024-12734

Name of the Vulnerable Software and Affected Versions Advance Post Prefix WordPress plugin versions through 1.1.1

Description The Advance Post Prefix WordPress plugin does not properly sanitize and escape a parameter before displaying it, resulting in a Reflected Cross-Site Scripting issue. This could potentially be exploited against users with high privileges, such as administrators. The issue involves improper handling of input data, which allows an attacker to inject malicious scripts into the webpage. The vulnerable parameter is not explicitly identified.

Recommendations Update the Advance Post Prefix WordPress plugin to a version later than 1.1.1.