Security Advisory

CVE-2021-24482

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-19 10:53:19

Last updated 2024-08-03 19:35:19

Assigner WPScan

State PUBLISHED

Description

The Related Posts for WordPress plugin through 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.

← Browse all CVEs View on cve.org ↗