CVE-2024-13625

Name of the Vulnerable Software and Affected Versions Tube Video Ads Lite WordPress plugin versions 1.5.7 and earlier

Description The issue arises from the plugin's failure to sanitise and escape a parameter before outputting it back in the page. This leads to a Reflected Cross-Site Scripting that could be used against high privilege users, such as administrators.

Recommendations For versions 1.5.7 and earlier, update to a version later than 1.5.7 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality until a patch is available.