3 matches found
CVE-2021-24665
creationtimestamp| type| source ---|---|--- 2021-08-30 18:32:29+00:00| seen| https://t.me/cibsecurity/28011...
CVE-2021-24665
The CVE-2021-24665 entry affects the WP Video Lightbox WordPress plugin (versions before 1.9.3). The root cause is failure to escape shortcode attribute values, allowing stored Cross-Site Scripting (XSS) by users with as low as contributor privileges. Reported impact is XSS that could be triggere...
CVE-2021-24665 WP Video Lightbox < 1.9.3 - Contributor+ Stored Cross-Site Scripting
The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks...