Vulnerabilities

CVE-2021-24794

by Fred · 01/11/2021

The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.

Date published : 2021-11-01

https://wpscan.com/vulnerability/651dc567-943e-4f57-8ec4-6eee466785f5

Similar

Tags: Cybersecurity Alert