CVE-2021-24898

The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress EditableTable plugin versions prior to 0.1.4 have a cross-site scripting vulnerability that stems from the...