Vulnerabilities > Gcsdesign > WP Category Dropdown > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-25 CVE-2024-8103 Cross-site Scripting vulnerability in Gcsdesign WP Category Dropdown
The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' parameter in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping.
network
low complexity
gcsdesign CWE-79
5.4