Vulnerabilities

CVE-2021-24592

by Fred · 30/08/2021

The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

Date published : 2021-08-30

https://wpscan.com/vulnerability/9579ff13-9597-4a77-8cb9-997e35265d22

Similar

Tags: Cybersecurity Alert