CVE-2021-24972
The CVE-2021-24972 entry relates to the WordPress Pixel Cat plugin (Pixel Cat Lite) prior to version 2.6.3, where certain settings are not escaped. This can allow a high-privilege user to perform Stored Cross-Site Scripting even when unfiltered_html is disallowed. The vulnerability is described a...