NuytsTech Security

CVE-2021-24658

by ·

The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is disabled)

Date published : 2021-08-23

https://plugins.trac.wordpress.org/changeset/2507516

https://wpscan.com/vulnerability/ec70f02b-02a1-4511-949e-68f2d9d37ca8

Tags: