Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-24604
HistorySep 20, 2021 - 10:15 a.m.

Cross site scripting

2021-09-2010:15:00
PRIOn knowledge base
www.prio-n.com
3

0.001 Low

EPSS

Percentile

24.8%

The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

CPENameOperatorVersion
availability_calendarlt1.2.2

0.001 Low

EPSS

Percentile

24.8%

Related for PRION:CVE-2021-24604