WordPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-101989)

WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. nspirational Quote Rotator plugin is a WordPress open source application plugin. WordPress Inspirational Quote Rotator plugin in version 1.0 and prior existed cross-site scripting The vulnerability stems from a lack of user-supplied data and output data validation filtering when dding/editing quotes. An attacker with administrator status could use this vulnerability to execute JavaScript code on the client side.