2 matches found
CVE-2021-24587
CVE-2021-24587 affects the Splash Header WordPress plugin prior to version 1.20.8. The underlying issue is improper sanitisation/escaping of certain plugin settings when they are output in the admin dashboard, enabling authenticated stored Cross-Site Scripting (XSS). The documented impact is an a...
CVE-2021-24587 Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS)
The Splash Header WordPress plugin before 1.20.8 doesn't sanitise and escape some of its settings while outputting them in the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...