From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber - MailOptin <= 1.2.70.3 - Authenticated (Contributor+) Stored Cross-Site Scripting 2. Vulnerability Description: - Describes an unvalidated input and output escaping issue in the shortcode of the MailOptin plugin. - This vulnerability allows attackers with Contributor or higher privileges to inject arbitrary scripts into pages. When users visit the compromised pages, the injected scripts will be executed. 3. Vulnerability ID: - CVE-2024-8628 - CVSS Score: 5.4 (Medium) 4. Public Release Date: September 23, 2024 5. Last Updated Date: September 24, 2024 6. Researcher: Francesco Carlucci 7. Fix Status: Fixed - Users are advised to update to version 1.2.70.4 or higher. 8. Affected Versions: <= 1.2.70.3 9. Fixed Version: 1.2.70.4 10. Disclaimer: - This record contains copyrighted material. - Copyright and licensing information: - Defiant Inc.: Grants a perpetual, global, non-exclusive, royalty-free, irrevocable copyright license. - MITRE Corporation: Grants a perpetual, global, non-exclusive, royalty-free, irrevocable copyright license. 11. Contact Information: - If you have information to add or discover errors, please contact wfi-support@wordfence.com. 12. Wordfence Intelligence: - Provides free access to a WordPress vulnerability database and API integration. - Real-time vulnerability notifications can be obtained by installing the Wordfence plugin. This information helps users understand the details of the vulnerability, its scope of impact, and how to remediate and prevent it.