Security Advisory

CVE-2021-24464

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-02 10:32:10

Last updated 2024-08-03 19:35:19

Assigner WPScan

State PUBLISHED

Description

The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin before 2.3.9 did not escape, validate or sanitise some of its shortcode options, available to users with a role as low as Contributor, leading to an authenticated Stored Cross-Site Scripting issue.

← Browse all CVEs View on cve.org ↗