Vulnerabilities

CVE-2021-24440

by Fred · 12/07/2021

The Sign-up Sheets WordPress plugin before 1.0.14 did not sanitise or escape some of its fields when creating a new sheet, allowing high privilege users to add JavaScript in them, leading to a Stored Cross-Site Scripting issue. The payloads will be triggered when viewing the ‘All Sheets’ page in the admin dashboard

Date published : 2021-07-12

https://wpscan.com/vulnerability/ba4503f7-684e-4274-bc53-3aa848712496

Similar

Tags: Cybersecurity Alert