From this webpage screenshot, the following key vulnerability information can be obtained: 1. Plugin Name: Starbox < 3.5.2 2. Vulnerability Type: Admin+ Stored XSS 3. Description: The plugin does not sanitize or escape certain settings, allowing high-privilege users (such as administrators) to execute stored cross-site scripting attacks when unfiltered HTML capability is disabled. 4. Proof of Concept: Provides step-by-step instructions on how to exploit the vulnerability. 5. Affected Plugin: starbox 6. Fix Status: Fixed in version 3.5.2. 7. References: Includes CVE and URL information. 8. Classification: Type XSS, categorized as A7: Cross-Site Scripting (XSS) in OWASP TOP 10, CWE-79. 9. Additional Information: - Original Researcher: Krugov Artyom - Submitter: Krugov Artyom - Submitter Website: https://research.cleantalk.org - Verification Status: Yes - WPVDB ID: cbfcbe57-553d-490a-b7f3-48aa0022f63d - Publication Date: 2024-08-20 - Added Date: 2024-08-20 - Last Updated: 2024-08-20 - Related Vulnerabilities: - Accessibility < 1.0.4 - Admin+ Stored XSS - WP Project Manager < 2.6.9 - Subscriber+ Stored XSS - HT Mega - Absolute Addons For Elementor < 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip & Popover Widget - Absolutely Glamorous Custom Admin < 6.5.5 - CSRF & XSS - WP Last Modified Info < 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Imt-post-modified-info Shortcode This information helps users understand the vulnerability details, scope of impact, and exploitation methods.