Description
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP User Manager-User Profile Builder & Membership Security Bypass (2.6.2)
WordPress Plugin WooCommerce Conversion Tracking Cross-Site Request Forgery (2.0.4)
WordPress Plugin WordLift-AI powered SEO-Schema Cross-Site Scripting (3.37.1)
WordPress Plugin WP-SpamFree Anti-Spam Cross-Site Scripting (2.1.1.6)