Security Advisory

CVE-2021-24564

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-23 11:10:15

Last updated 2024-08-03 19:35:20

Assigner WPScan

State PUBLISHED

Description

The WPFront Scroll Top WordPress plugin before 2.0.6.07225 does not sanitise or escape its Image ALT setting before outputting it attributes, leading to an Authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed.

← Browse all CVEs View on cve.org ↗