CVE-2021-24976
CVE-2021-24976 involves the WordPress plugin Smart SEO Tool (versions before 3.0.6). The issue is a reflected Cross-Site Scripting (XSS) caused by not sanitising/escaping the search parameter when the plugin’s TDK optimisation setting is enabled, allowing the parameter to be echoed back in an HTM...