CVE-2021-47924
The CVE-2021-47924 entry concerns the WordPress plugin Ultimate Product Catalog, version 5.8.2. The vulnerability is a stored cross-site scripting (XSS) flaw in which authenticated attackers can inject HTML/JavaScript into the price parameter via POST to post.php, leading to code execution when a...