From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: YITH WooCommerce Ajax Search < 2.7.1 2. **Vulnerability Type**: XSS (Cross-Site Scripting) 3. **Impact Scope**: YITH WooCommerce Ajax Search plugin 4. **Vulnerability Description**: Due to insufficient sanitization of user-provided block attributes, attackers with Contributor+ privileges can inject arbitrary scripts. 5. **Proof of Concept**: An example code is provided to demonstrate how to exploit the vulnerability. 6. **Affected Versions**: Versions 2.7.1 and earlier 7. **CVE ID**: CVE-2024-7846 8. **OWASP Top 10**: A7: Cross-Site Scripting (XSS) 9. **CWE ID**: CWE-79 10. **CVSS Score**: 5.9 (Medium) 11. **Original Researcher**: John Castro 12. **Submitter**: John Castro 13. **Verification Status**: Verified 14. **WPVDB ID**: 86f7a136-d09b-4637-97ae-2cdaaff172a3 15. **Public Release Date**: 2024-09-02 16. **Added Date**: 2024-09-02 17. **Last Updated Date**: 2024-09-02 18. **Other Related Vulnerabilities**: - WPB Show Core < 2.7 - Reflected XSS - Visual Form Builder < 3.0.7 - Admin+ Stored Cross-Site Scripting - Meta Slider <= 2.5 - Cross-Site Scripting (XSS) - Page View Counts < 2.4.9 - Contributor+ Stored XSS - PWA for WP <= 1.0.8 - XSS This information helps understand the nature, scope of impact, and exploitation method of the vulnerability.