Vulnerabilities

CVE-2021-24882

by Fred · 23/11/2021

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Date published : 2021-11-23

https://wpscan.com/vulnerability/6d71816c-8267-4b84-9087-191fbb976e72

Similar

Tags: Cybersecurity Alert