3 matches found
CVE-2021-24366
The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowe...
CVE-2021-24366 Admin Columns Free < 4.3 & Pro < 5.5.1 - Admin+ Stored XSS in Label
The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowe...
CVE-2021-24366
CVE-2021-24366 affects the WordPress plugins Admin Columns Free < 4.3 and Admin Columns Pro