4 matches found
CVE-2021-24622
The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24622
The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24622
The vulnerability CVE-2021-24622 affects the WordPress WP Ticket plugin prior to 5.10.4. The issue is that the plugin does not sanitize or escape form fields before outputting them in the List, enabling stored Cross-Site Scripting by high-privilege users even when unfiltered_html is disallowed. I...
CVE-2021-24622 WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting
The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...