4 matches found
CVE-2021-24702
The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltredhtml capability is disallowed...
CVE-2021-24702
The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltredhtml capability is disallowed...
CVE-2021-24702
CVE-2021-24702 concerns the LearnPress WordPress plugin. The provided documents describe a vulnerability in which the plugin, in versions before 4.1.3.1, does not properly sanitize or escape inputs in course settings, potentially enabling Cross-Site Scripting (XSS) for high-privilege users when u...
CVE-2021-24702 LearnPress < 4.1.3.1 - Multiple Admin+ Stored Cross-Site Scripting
The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltredhtml capability is disallowed...