2 matches found
CVE-2021-24476
CVE-2021-24476 concerns the WordPress plugin Steam Group Viewer (v2.1 and earlier). The vulnerability arises because the plugin does not sanitize/escape the“三Steam Group Address” setting before outputting it on pages, enabling an authenticated Stored Cross-Site Scripting (XSS) issue. The impact s...
CVE-2021-24476 Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS)
The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue...