25Mar
CVE-2024-2170 | VK All in One Expansion Unit Plugin up to 9.96.0.1 on WordPress className cross site scripting
A vulnerability was found in VK All in One Expansion Unit Plugin up to 9.96.0.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument className leads to cross site scripting. This vulnerability is known as CVE-2024-2170. The attack can be launched remotely. There is no exploit available.