CVE-2021-25029
CVE-2021-25029 affects the WordPress CLUEVO LMS plugin prior to version 1.8.1. The vulnerability arises because the plugin does not sanitize and escape data in the Course module, enabling stored Cross‑Site Scripting (XSS) by high-privilege users even when unfiltered_html is disallowed. Impact is ...