CVE-2021-24168
CVE-2021-24168 affects the Easy Contact Form Pro WordPress plugin prior to 1.1.1.9. The vulnerability is an authenticated stored XSS caused by insufficient sanitization of text fields (e.g., Email Subject, Email Recipient) during form creation/editing. This could allow medium-privilege accounts (...