2 matches found
CVE-2021-24344
The Easy Preloader WordPress plugin through 1.0.0 does not sanitise its setting fields, leading to authenticated admin+ Stored Cross-Site scripting issues...
CVE-2021-24344
The CVE-2021-24344 entry concerns the Easy Preloader WordPress plugin up to version 1.0.0. The root cause is a failure to sanitize the plugin’s settings fields, which enables authenticated (admin+) Stored Cross-Site Scripting (XSS). Affected component is the plugin’s settings handling (no additio...