3 matches found
CVE-2021-24609
creationtimestamp| type| source ---|---|--- 2021-10-01 21:25:22+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/626...
CVE-2021-24609
The CVE covers the WP Mapa Politico Espana WordPress plugin before 3.7.0, where certain settings are not sanitized/escaped before output in attributes, allowing authenticated high-privilege users to perform stored XSS. Mitigation: upgrade to version 3.7.0 or later.
CVE-2021-24609 WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS
The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not sanitise or escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...