3 matches found
CVE-2021-24898
The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24898
The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24898
CVE-2021-24898 concerns WordPress EditableTable plugin versions up to 0.1.4. Multiple connected sources confirm a stored Cross‑Site Scripting vulnerability caused by the plugin not sanitising or escaping table/column fields, enabling an attacker with high privileges to inject and execute JavaScri...