CVE-2021-38353

The Dropdown and scrollable Text WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the content parameter found in the /index.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.0...

Regular Expression Denial Of Service (ReDoS)

ckeditor4 is vulnerable to regular expression denial of service. An insecure usage of the regular expression allows an attacker to crash the user's browser through excessive memory consumption by tricking a user into pasting a malicious text into the Styles input in the Advanced Tab for Dialogs...