WordPress Cross-Site Scripting Vulnerability (CNVD-2021-84598)

WordPress is the WordPress (Wordpress) Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin Video Gallery -Vimeo and YouTube Gallery 1.1.4 and earlier versions have a cross-site scripting vulnerability, which stems from the plugin’s lack of valid validation and escaping for the title and description attributes of the video gallery, resulting in storage cross-site scripting issue. No detailed vulnerability details are currently available.