4 matches found
CVE-2021-4378
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject...
CVE-2021-4378 WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject...
CVE-2021-4378
CVE-2021-4378 concerns the WordPress plugin WP Quick FrontEnd Editor . The vulnerability is a Stored Cross‑Site Scripting flaw caused by insufficient input sanitization and output escaping, affecting versions up to and including 5.5. The impact allows an attacker with minimal permissions (e.g., s...
CVE-2021-4378 WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject...