3 matches found
CVE-2021-39356
Content Staging (WordPress) plugin ≤ 2.0.1 is vulnerable to Stored XSS due to insufficient input validation/escaping in parameters echoed by templates/settings.php. Administrative-authenticated attackers can inject arbitrary scripts; impact affects multisite and sites where unfiltered_html is dis...
CVE-2021-39356 Content Staging <= 2.0.1 Authenticated Stored Cross-Site Scripting
The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the /templates/settings.php file which allowed attackers with administrative user access to inject arbitrary web...
CVE-2021-39356 Content Staging <= 2.0.1 Authenticated Stored Cross-Site Scripting
The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the /templates/settings.php file which allowed attackers with administrative user access to inject arbitrary web...