CVE-2021-24613
The CVE concerns the WordPress plugin Post Views Counter, affected version: before 1.3.5. The root cause is improper sanitisation/escaping of the Post Views Label setting, enabling Cross‑Site Scripting (XSS) in the frontend when unfiltered_html is disallowed. The description notes that high‑privi...