CVE-2021-24792
The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in place when saving a template wpbtnsavetemplate function hooked to the init action, nor sanitise and escape them before outputting them in the admin dashboard, which allow unauthenticated users to add a...