CVE-2021-24855
CVE-2021-24855 affects the WordPress plugin Display Post Metadata (before 1.5.0). The vulnerability arises from unsanitised/unescaped content in a shortcode that prints custom fields, enabling stored Cross-Site Scripting for users with as low as Contributor. Impact is elevated to XSS through the ...