2021-08-02 10:32:19
WPScan
PUBLISHED
The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue