This vulnerability in AWP Classifieds arises from insufficient sanitization of user-supplied input that is rendered in web pages, enabling an attacker to inject script-related HTML tags. The issue affects versions up to and including 4.4.3. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) indicates that the vulnerability can be exploited remotely without privileges or user interaction, resulting in limited confidentiality impact but no integrity or availability impact. No vendor advisory or patch links are available at this time, and the product is not a cloud service, so remediation depends on vendor updates or user-applied patches.

Successful exploitation allows an attacker to inject malicious scripts into web pages served by the vulnerable plugin, potentially leading to limited confidentiality breaches such as theft of non-sensitive information accessible via the browser context. There is no impact on data integrity or system availability. No known active exploitation has been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider disabling or removing the affected plugin version or applying any available third-party patches or workarounds that sanitize user input. Monitor official vendor channels for updates.