2 matches found
CVE-2021-24743
The CVE-2021-24743 entry concerns the WordPress Podcast Subscribe Buttons plugin (versions prior to 1.4.2). Affected component: plugin code handling post edits/adds. Root cause: lack of input sanitization leading to stored XSS when users with post-editing capabilities submit data. Impact is store...
CVE-2021-24743 Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
The Podcast Subscribe Buttons WordPress plugin before 1.4.2 allows users with any role capable of editing or adding posts to perform stored XSS...