CVE-2021-24416

The CVE concerns the WordPress plugin StreamCast – Radio Player for WordPress, specifically versions before 2.1.1. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by the plugin not sanitising or validating shortcode parameters, allowing a user with a role as low as Contributo...