Vulnerability CVE-2024-5744
Published: 2024-07-13

Description:
The wp-eMember WordPress plugin before 10.6.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers

 References:
https://wpscan.com/vulnerability/ba50e25c-7250-4025-a72f-74f8eb756246/
Copyright 2026, cxsecurity.com

 

Back to Top