4 matches found
CVE-2021-24899
The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtnl capability is disallowed...
CVE-2021-24899
The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtnl capability is disallowed...
CVE-2021-24899
The CVE-2021-24899 relates to the WordPress Media-Tags plugin (
CVE-2021-24899 Media-Tags <= 3.2.0.2 - Admin+ Stored Cross-Site Scripting
The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtnl capability is disallowed...