From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Memberlite Shortcodes <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via memberlite_accordion Shortcode 2. Vulnerability Type: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) 3. CVSS Score: 6.4 (Medium) 4. Public Release Date: November 22, 2024 5. Update Date: November 23, 2024 6. Researcher: Peter Thaleikis 7. Fix Status: Fixed 8. Affected Versions: <= 1.3.9 9. Fixed Version: 1.4 10. Vulnerability Description: The Memberlite Shortcodes plugin contains a Cross-Site Scripting (XSS) vulnerability in all versions (including 1.3.9) due to improper neutralization of input and failure to escape user-provided attributes in output. This allows an authenticated attacker with Contributor or higher privileges to inject arbitrary scripts into pages, which will execute when users visit the compromised page. 11. Reference Links: plugins.trac.wordpress.org, wordpress.org, plugins.trac.wordpress.org 12. Sharing Options: Facebook, Twitter, LinkedIn, Email 13. Vulnerability Details: Includes software type, plugin name, whether fixed, remediation advice, affected versions, and fixed versions. 14. Copyright Information: The record contains copyrighted material. 15. Vulnerability Database: Wordfence Intelligence’s WordPress vulnerability database is free and accessible via API. 16. Notification Service: Latest vulnerability notifications can be received by installing the Wordfence plugin. 17. Documentation: Documentation on how to access and consume vulnerability data via API. This information helps users understand the vulnerability details and how to remediate and prevent such vulnerabilities.